Register for an account

X

Enter your name and email address below.

Your email address is used to log in and will not be shared or sold. Read our privacy policy.

X

Website access code

Enter your access code into the form field below.

If you are a Zinio, Nook, Kindle, Apple, or Google Play subscriber, you can enter your website access code to gain subscriber access. Your website access code is located in the upper right corner of the Table of Contents page of your digital edition.

Technology

#16: Google Whacked by Hack Attack

By Kiona N. SmithDecember 16, 2010 6:00 AM

Newsletter

Sign up for our email newsletter for the latest science news

When a multibillion-dollar corporation gets quietly and spectacularly hacked, the last thing you expect it to do is announce the breach to the world. Yet that’s exactly what Google did last January after discovering hackers had breezed past its security measures to burrow deep into its network.

The well-coordinated attack, dubbed Operation Aurora, began with an instant message to a Google employee in China that included a link to a malicious Web site. When the employee clicked on the link, the nefarious code downloaded to a computer, enabling the attackers to control it and hop to other machines in the company’s U.S. network. The intruders accessed a software repository used by Google developers, siphoned intellectual property, and viewed basic Gmail account information for at least two human rights activists who focus on China.

No fewer than 27 other companies—financial institutions and defense contractors among them—were also attacked, but most remained mum. Google went public in part to counter the silence of its fellow victims. Google cofounder Sergey Brin said in February that “if more companies were to come forward with respect to these sorts of security incidents and issues, I think we would all be safer.” Google’s admission made other companies realize the sophistication of the attacks they might face, says Alan Paller, director of research at the sans Institute, which trains computer security professionals.

Although determining the precise source of a hack is often impossible, fingers pointed at China as the likely origin, sparking a volley of political posturing from Beijing, Silicon Valley, and Washington, D.C. In its blog post reporting the cyberattack, Google announced it would stop censoring search results in China and threatened to pull out of the country entirely. In the end, the company only added a link to its Chinese search page, allowing users to view uncensored results through its Hong Kong–based search engine. 

2 Free Articles Left

Want it all? Get unlimited access when you subscribe.

Subscribe

Already a subscriber? Register or Log In

Want unlimited access?

Subscribe today and save 70%

Subscribe

Already a subscriber? Register or Log In