1/12/2010 03:00:00 PM
Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.
First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.
Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.
Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.
Hacker Finds Cracks in Cellphone Code
The Wall Street Journal
, DECEMBER 30, 2009
A German hacker claims to have cracked the encryption that protects most cellphone calls, potentially paving the way for others to eavesdrop on conversations.
The claim, if true, could pose a threat to many wireless carriers who have used essentially the same security on their networks for years.
The hacker, Karsten Nohl, says he and a small team broke the encryption code for networks on GSM technology, which makes up more than 80% of the world's cellular networks, to show how vulnerable they are and to make carriers more serious about security. He is expected to demonstrate Wednesday.
"It's likely going to be used for the corporate-espionage kind of thing," says Stan Schatt, a security analyst at ABI Research. "In practical terms, it means hanging out in the parking lot of Google or somewhere and targeting executives with cellphones."
More on this story --->>
More about Karsten Nohl's GSM hack attack --->>