[ISN] Google hackers duped system administrators to penetrate networks, experts say

From: InfoSec News <alerts_at_private>
Date: Thu, 22 Apr 2010 00:20:24 -0500 (CDT)
http://www.washingtonpost.com/wp-dyn/content/article/2010/04/20/AR2010042005300.html

By Ellen Nakashima
Washington Post Staff Writer
April 21, 2010

The hackers who penetrated the computer networks of Google and more than 
30 other large companies used an increasingly common means of attack: 
duping system administrators and other executives who have access to 
passwords, intellectual property and other information, according to 
cybersecurity experts familiar with the cases.

"Once you gain access to the directory of user names and passwords, in 
minutes you can take over a network," said George Kurtz, worldwide chief 
technology officer for McAfee, a Silicon Valley computer security firm 
that has been working with more than half a dozen of the targeted 
companies.

Kurtz and others said hackers are mounting ever more sophisticated and 
effective attacks that often begin with a ruse familiar to many computer 
users -- a seemingly innocuous link or attachment that admits malicious 
software.

The attacks were publicized in January when Google, one of the world's 
most advanced tech firms, announced that intruders had penetrated its 
network and compromised valuable intellectual property. Google asserted 
that the attacks originated in China; Chinese officials say they are 
investigating.

[...]


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Wed Apr 21 2010 - 22:20:24 PDT

This archive was generated by hypermail 2.2.0 : Wed Apr 21 2010 - 22:37:17 PDT