Hackers ran detailed reconnaissance on Google employees

By

Could persuade management to revisit security strategy.

The hackers who infiltrated the computer systems of Google earlier this month first carried out sophisticated reconnaisance and may even have posed as friends of Google employees, according to McAfee chief technology officer George Kurtz.

In a project dubbed Operation Aurora by the security giant, hackers are likely to have used sophisticated social engineering techniques and advanced reconnaissance work to target individuals at the companies who had access to sensitive data.

"In this case we saw a lot more reconnaissance done upfront, which is a shift people may not have been aware of," Kurtz told V3.co.uk.

"Speaking generically, we're seeing a lot more targeted attacks where people focus on [employees with] the highest set of privileges, and then work backwards, gaining access to secondary parties to get to the primary source."

This could involve compromising the social networking accounts of employees' friends, then sending them malicious links which they are more likely to click on because they appear to come from a friend.

The technique is not new, but it would be the first time it has been detailed in such a high-profile attack.

Kurtz added that the incident could actually be good for enterprise security in the long run by showing chief information officers that anti-virus and firewall capabilities are not enough.

"We know government-on-government attacks happen all the time, but an alleged government attack on the commercial world is a different story," he said. "It has shed additional light to force upper management to say: 'Are we doing enough?'."

Hackers ran detailed reconnaissance on Google employees
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?