Google attack: source code the real target?

Stephen Withers
Thursday, 14 January 2010 03:23

Business IT - Security

It seems there was more to the China-based attack on Google and other US companies than the search giant originally revealed. Source code may have been the real target.

When Google revealed that it had been the victim of "a highly sophisticated and targeted attack on our corporate infrastructure originating from China", the only specific issue mentioned was attempts to access the Gmail accounts of Chinese human rights activists.

According to reports, that was achieved by accessing the system used by Google to meet its intercept obligations under US law.

But it now seems that the real target of the attacks on Google and over 30 other companies including Adobe was source code. According to VeriSign's iDefense security operation, many of the attacks were successful.

Yahoo! issued a statement in support of Google, but did not say if it had been one of the companies attacked.
 
Adobe officials have confirmed the company was attacked, but claims there is "no evidence to indicate that any sensitive information - including customer, financial, employee or any other sensitive data - has been compromised."

The inclusion of Adobe on the hit list is ironic, as it seems that a vulnerability in that company's Reader software played a key role in the attack.

The attackers emailed maliciously formed PDF files to specific employees at the companies. While large-scale attacks of this kind are relatively easy to spot (they'll likely be intercepted by spam filters and any messages that do get through generally have characteristics that raise suspicions), a carefully targeted attack that utilises knowledge about relationships and job functions within a company is harder to detect.

But it seems PDFs weren't the only file types used in the attack. And the US Government isn't happy! Please read on.