Feeds

Aurora attack tried to pinch secret list of Chinese spies

Oops...looks like another US intelligence FAIL

The essential guide to IT transformation

The Chinese hackers involved in the Operation Aurora attacks revealed by Google in 2010 may have accessed top secret information on US surveillance targets in the country including suspected foreign spies and terrorists, it has emerged.

Speaking anonymously to the Washington Post, “US officials” familiar with the infamous data breach said that the hackers may have gained valuable intelligence by accessing a highly sensitive database detailing court orders authorising the surveillance.

Although they said it was unclear how much the attackers managed to find out, such info could theoretically help a foreign power identify which of their operatives were under investigation.

“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” one official told the DC-based paper.

The findings echo comments made by Dave Aucsmith, senior director of Microsoft's Institute for Advanced Technology in Governments, at a Washington conference last month.

He revealed that an attempt was also made to breach Redmond’s systems to find out which email accounts “we had lawful wiretap orders on”, according to CIO.

When Google revealed the Aurora breach back in January 2010, the first time a major company had named and shamed Chinese hackers for an attack, chief legal officer David Drummond claimed: “we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”

The firm even used the attacks, which it was careful never to attribute to the Chinese government, as one of its reasons to largely shutter its China search business, moving its servers to neighbouring Hong Kong.

The Chocolate Factory is offering no comment on these new revelations but if accurate, they don’t reflect too well on the effectiveness of its information security defences at the time.

Former CIA officer and SANS guest editor Christopher Burgess argued that Google should at least have expected something like this to happen:

If the PRC learned that their officers or surrogates were being subjected to official US Government inquiry via review of the Google data stores, they could follow two paths: tone down and extract the individual, or light up and misdirect the US security services. A key point is that any service provider which is subject to lawful intercept inquiries by the US Government (in this case for counter-intelligence purposes) has had fair warning - you are the target of nation states' CI programs.

®

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.