Via Washington Post - Google hackers duped system administrators to penetrate networks, experts say:
The hackers who penetrated the computer networks of Google and more than 30 other large companies used an increasingly common means of attack: duping system administrators and other executives who have access to passwords, intellectual property and other information, according to cybersecurity experts familiar with the cases.
"Once you gain access to the directory of user names and passwords, in minutes you can take over a network," said George Kurtz, worldwide chief technology officer for McAfee, a Silicon Valley computer security firm that has been working with more than half a dozen of the targeted companies.
"The bottom line here is if your company has any business dealings with China or has extremely valuable technology or intellectual property, you have a high likelihood of being a target," said Rob Lee, a director with Mandiant, a security firm that is working with some of the targeted companies.
He said he believes the same group or groups that have targeted Google and the other companies have penetrated "hundreds if not thousands" more firms. They target not only system administrators but anyone with privileged access to a company's network, he said.
Also see our post yesterday, Google Password Breach: Reason Anew To Doubt Security in the Cloud? and Dave Bilinsky's similarly-minded commentary at Slaw, Can You be too Paranoid?
- Garry J. Wise, Toronto