Report Says Google Attack Traced to Two Chinese Schools
BY Courtney Rubin
Sleepless nights ahead for CEOs: The same hackers also have launched similar assaults on other companies -- and a new (and unrelated) attack has hit some 2,500 firms.
Two schools in China have been pinpointed as the source of a spate of Internet attacks that hit Google and some 30 other companies, according to The New York Times – but Chinese sources are denying knowledge of the strikes.
Security experts – some from the National Security Agency – said the so-called Project Aurora attacks had been traced to the prestigious Shanghai Jiao Tong University and the Lanxiang Vocational School in Shandong province. Jiao Tong has one of China's top computer science programs. Lanxiang, about 250 miles south of Beijing, is also well-known and trains some computer scientists for the Chinese military.
The Chinese government has firmly denied any involvement in the cyber attacks, which led Google to rock U.S.-China relations and threaten to pull the plug on its Chinese search engine. A Lanxiang female member of staff told the U.K.'s The Guardiannewspaper that the school was not aware of the Google attacks.
"We did not know Google was hacked before the New York Times contacted us – when they called, we told them we know nothing but they still made the story up," she said. "Our students are middle school graduates, and we train them to use software like Photoshop. If our students are so skilled they can hack Google, then what are they here for?"
Google, which took the unusual step of going public with the attacks January 12, has not commented except to say that the investigation is ongoing.
The news comes amid two other revelations sure to distress already-vulnerable companies: First, that the hackers launched similar attacks on Fortune 100 companies for at least the past year and half. And second, another attack has struck around 2,500 companies – and some 75,000 computer systems – in an orchestrated attempt to steal sensitive personal and financial data. Called the Kneber bot, it was run by an Eastern Europe-based hacking ring that tricked employees in 196 countries (including the U.S.) to download infected software or e-mail attachments. The "bots" put the digital thieves in control of the users' computers, letting them extract log-in details and passwords for banking and social networking sites and then using their ill-gotten gains to conquer more computer systems.
This attack – which began in late 2008 and was uncovered by security firm NetWitness last month – doesn't appear to be linked to Operation Aurora. But like the Google assault, it highlights the increasing sophistication and scale of hacking. It also raises the alarm about companies' susceptibility to such attacks.
"The traditional security approaches of intrusion-detection systems and anti-virus software are by definition inadequate for these types of sophisticated threats," Amit Yoran, chief executive of security firm NetWitness, told the Washington Post. "The things that we -- industry -- have been doing for the past 20 years are ineffective with attacks like this. That's the story."
Inc. contributing editor COURTNEY RUBIN was for five years a London-based staff writer for People magazine. Rubin, a former senior writer for Washingtonian magazine, has written for the New York Times magazine, Time, Marie Claire, and other publications. She is the author of The Weight-Loss Diaries.