Attackers who raided Google in 2010 to learn information about Chinese human rights activists also sought insight on which Chinese intelligence agents were on the radar of US authorities.
The intruders spearheaded the so-called Aurora attacks that breached more than 30 firms using weaponised PDFs. Meanwhile they accessed a Google database which contained data about court orders that authorised surveillance of certain individuals, the Washington Post reported quoting unnamed US officials.
Among the most sensitive data accessed were court orders, issued under the Foreign Intelligence Surveillance Act (FISA), which allowed the Government to access electronic data, like Gmail accounts, related to foreign or terrorist threats.
Recent comments from a Microsoft executive appeared to further corroborate these details. Last month, Dave Aucsmith, senior director for Microsoft's Institute for Advanced Technology, reportedly said the Aurora campaign's mission was to uncover court orders revealing US law enforcement surveillance efforts.
Aucsmith since clarified his remarks to SC.
“What I should have said was, ‘According to what I've read concerning the so-called Aurora attack…industry investigators found that the point of entry was a backdoor access system created by Google in order to comply with government search warrants on user data'.”
“My comments were not meant to cite any specific Microsoft analysis or findings about motive or attacks, but I recognise that my language was imprecise,” he said.
Google declined comment to SC, and the FBI has not immediately responded.
Meanwhile, a cyber espionage group believed to be based in China has resumed operations. On Sunday, the New York Times reported that the Chinese military hacking unit behind the theft of hundreds of terabytes of information from scores of organisations, many in the United States, had resumed its operations.