Hackers ran detailed reconnaissance on Google employees

The hackers who infiltrated the computer systems of Google earlier this month first carried out sophisticated reconnaisance and may even have posed as friends of Google employees, according to McAfee chief technology officer George Kurtz.

In a project dubbed Operation Aurora by the security giant, hackers are likely to have used sophisticated social engineering techniques and advanced reconnaissance work to target individuals at the companies who had access to sensitive data.

"In this case we saw a lot more reconnaissance done upfront, which is a shift people may not have been aware of," Kurtz told V3.co.uk.

"Speaking generically, we're seeing a lot more targeted attacks where people focus on [employees with] the highest set of privileges, and then work backwards, gaining access to secondary parties to get to the primary source."

This could involve compromising the social networking accounts of employees' friends, then sending them malicious links which they are more likely to click on because they appear to come from a friend.

The technique is not new, but it would be the first time it has been detailed in such a high-profile attack.

Kurtz added that the incident could actually be good for enterprise security in the long run by showing chief information officers that anti-virus and firewall capabilities are not enough.

"We know government-on-government attacks happen all the time, but an alleged government attack on the commercial world is a different story," he said. "It has shed additional light to force upper management to say: 'Are we doing enough?'."