Google hackers may have targeted 100+ firms

The cyber criminals who hacked into Google’s systems may have attacked over 100 other companies, according to new information from security consultancy Isec partners.

In a blog posting in December last year, Google first announced that its systems had suffered a hacking attack eminating from China, at the time indicating that “at least twenty other large companies from a wide range of businesses -- including the Internet, finance, technology, media and chemical sectors -- have been similarly targeted”.

Other estimates put the figure at more like 30 companies, with Symantec, Adobe and Intel all named as potential victims.

But having discovered that a larger number of command and control servers than at first thought were involved in the attack, Isec Partners is estimating the number of affected companies to be more than three times that originally thought.

“Further investigations have uncovered that over one hundred companies may have been targeted, although it’s difficult to ascertain how closely related these attackers are to Google’s assailants,” noted Alex Stamos, a partner with Isec Partners.

Details of the hack are emerging all the time, with much of the focus on whether it was sanctioned by the Chinese government. The latest reports seem to indicate that a known security researcher wrote the hacking code and posted it on a forum, where it was picked up by Chinese officials and used.

However, recent remarks made by Google co-founder Sergey Brin suggest that it makes no difference to Google whether the Chinese government was responsible for the attack or not.

"I think that the Chinese government has tens of millions of people in it. If you look at the army, the associated army and whatnot, that's larger than most countries' by far,” he said a recent TED conference in California.

“So even if there were a Chinese government agent behind it, you know, it might represent a fragment of policy as it were."