Chang says he has no inside or special knowledge, but here is his theory: the hack was much more of a sophisticated intelligence operation than many believed. The first step was espionage and data collection.
The second step was the hack itself. Chang believes that the Chinese hackers figured out the identities of the system administrators for various computer networks. Then, the hackers figured out, using publicly availably Facebook data, the social networks that these systems administrators were part of.
Then, masquerading as these friends, they sent e-mails to the targets with compromised links. E-mails from a trusted source? Ah, but they were spoofed, using a vulnerability in an outdated version of Internet Explorer.
Unbeknownst to the system administrator, once they clicked on the link, the malware deposited an SSL -- a secure sockets layer -- essentially an encrypted tunnel -- between the host computer and a computer controlled by the hackers. From that point, searching around for passwords and proprietary information was easy.
"This is a huge event in the history of cybersecurity," Chang said, "We'll be talking about this one 30 years from now."
Google suspects that at least a half dozen of its employees were complicit -- or turned by the hackers -- at some point in the process. And, was the Washington Post reported, it has partnered with the National Security Agency to figure out once and for all, from start to finish, how its systems were hacked.
Posts
No Response to "How The Hackers Took Google: A Theory"
Post a Comment