January 25, 2010 11:47 pm

Hackers target friends of Google workers

Personal friends of employees at Google, Adobe and other companies were targeted by hackers in a string of recently disclosed cyberattacks, raising privacy concerns and pointing to a highly sophisticated operation, security experts said.

Cybersecurity experts analysing the attacks said the hackers spied on individuals and used other sophisticated techniques, making them extremely difficult to stop. The disclosures come amid renewed alarm over cybersecurity after Google said it had been the target of a series of cyberattacks from China.

The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were. The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent.

“We’re seeing a lot more up-front reconnaissance, understanding who the players are at the company and how to reach them,” said George Kurtz, chief technology officer at security firm McAfee.

“Someone went to the trouble to backtrack: ‘Let me look at their friends, who I can target as a secondary person’.”

McAfee discovered that a previously unknown flaw in Microsoft’s Internet Explorer had been used in the attacks. Mr Kurtz said the attackers also used one of the most popular instant messaging programmes to induce victims to click on a link that installed spy software.

Another element of the attack code used a formula only published on Chinese language websites, said Joe Stewart, a researcher for security firm SecureWorks. Mr Stewart also found that some of the code had been assembled in 2006, suggesting that the campaign had been not only well organised but enduring.

The evidence pointed to a government-sponsored effort that only large spy agencies or perhaps some of the most advanced big companies could have withstood, experts said. China on Monday described accusations it was behind cyberattacks as “groundless”.

Sam Curry, vice-president of security firm RSA, said: “This is a loud message for the commercial world, which is: wake up, this isn’t all happiness and goodness and new business.

“Doing business on the internet is as risky as sending ships through the Panama Canal.”

Copyright The Financial Times Limited 2014. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.

NEWS BY EMAIL

Sign up for email briefings to stay up to date on topics you are interested in

SHARE THIS QUOTE