Chinese hackers gained access to “years worth of US law enforcement and spy data” in a breach of Google’s servers back in 2010, according to a report.
Official response from Google at the time said the hackers were after “human rights activist information”, where in fact US officials actually say they were after a sensitive database.
At the time a dispute was raised between Google and the FBI stemming from distrust for making no reference to the possible hacked database.
It now appears email service Gmail could have been the intended target; with the hackers attempting to see who had been flagged for surveillance by the U.S government.
David Aucsmith, director of Microsoft’s Institute for Advanced Technology in Governments, gave some more insight on the reason for the breach.
“If you think about this, this is brilliant counterintelligence,” he said. “You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way.”
He added, “Presumably that’s difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That’s essentially what we think they were trolling for, at least in our case.”
The US and China, despite both saying they take an anti-cybercrime stance, cannot seem to keep out of cyber-related headlines for long. It emerged the States is now the biggest global buyer of malware, whilst China takes the dubious award for 41 percent of global attack traffic (not exactly an Oscar).
Back on the US front, another headline hit of the FBI monitoring a paid for DDoS (Denial of Service) attack websites users through a backdoor, and owner Justin Poland is upfront in an article to a KrebsonSecurity reporter saying the FBI allows his website to stay online in return for logs.
In a case of “tit-for-tat” journalism, TelecomsTech reported in October last year how Chinese network equipment manufacturers Huawei and ZTE were highlighted for possible bribery and corruption offences, immigration violations and of using pirated software.
What do you think about the state of cyber security within governments? Is it time treaties are made and it’s treated with the same seriousness as warfare?