Google Hack Attack (Operation Aurora): What We Know

Google-Hack-Attack-Operation-AuroraYou must have heard by now that Google was the target of a “highly sophisticated” attack originating out of China. Details about the hack attack, which has been dubbed by McAfee as Operation Aurora, have been trickling in since Google’s explosive revelation. Here is what we know so far.

The Targets

Google was not the only target. At least, 20 companies were targeted in this hack attack including, Yahoo, Adobe Systems, Juniper Networks and Rackspace Hosting.

The Goal

One of the primary objectives was to gain access to the Google accounts of human rights activists. It is also probable that Yahoo was targeted for the same reason.

The Vehicle

The attacks are notable for their complexity and sophistication. The hackers used multiple levels of encryption and took unprecedented precautions to avoid detection. An unknown exploit in Internet Explorer was utilised by the hackers to gain control of target systems. The exploit affects all versions of Internet Explorer since IE 6 and can be exploited on Windows 2000, XP, Server 2003, Vista, Server 2008, Windows 7 and Server 2008 R2. You can see the exploit in action over here. Microsoft has published a security advisory and is working on a patch. In the meantime, it is recommended that you do not use Internet Explorer.

Internet Explorer was not the only vector used by the hackers. Vulnerabilities in Adobe’s Reader and Acrobat were also among the weaknesses utilised by Operation Aurora.

What’s Next?

The sophistication of the attack has led some researchers to conclude that the Chinese Government was behind the attacks. Meanwhile, the U.S. State Department spokesman has stated that the US Government will formally ask China for an explanation. US Secretary of State Hillary Clinton has already informally asked for an explanation.

We will be hearing a lot more about Operation Aurora in the days to come. One thing which is certain is that the issue won’t die quietly.

12 thoughts on “Google Hack Attack (Operation Aurora): What We Know”

      1. Retaliation is not the answer, especially not with nuclear arms. Such a response would most likely trigger a nuclear war that the Earth itself would not survive. You should be ashamed for your suggestion.

        1. I beg to differ, first strike nuclear use is, indeed, the answer. Mankind has screwed up this planet with greed, avarice and general stupidity.

          The Earth has likely had nuclear armageddon before and has healed itself, hoping that the next version of mankind will get it right. Looks to me like we've failed.

          You should be ashamed for not seeing the trees because of the forest.

  1. What should be foremost in everyones' minds is that a nation, who rules by force and threats have committed a serious crime and some would say (including myself) an act of war. This sort of action, cannot be tolerated at all. I am astonished at the lack of international concern over the serious incursion perpetrated by a foreign government. There should be retribution for this criminal act.

  2. "It is very bad to attack on google. Google should remove their service from china. "

    Is a bad attack enough reason to drop a market of 1.3 billion consumers ? I wonder whether Google will really leave China, there's a hell of a lot of money involved.

    "It just shows you that you must not use IE, rather use FireFox, and use alternatives to adobe too, like foxit."

    You really think only Microsoft and Adobe products contain 0day vulnerabilities ? If we all migrate to Mozilla and Fox-IT Reader, this will just mean that hackers will focus on flaws contained within these products.

    When we will have a similar incident with Firefox in a few months, will you advice everyone to use Google Chrome instead ?

  3. "What should be foremost in everyones’ minds is that a nation, who rules by force and threats have committed a serious crime and some would say (including myself) an act of war. This sort of action, cannot be tolerated at all."

    You really think so ? Don't you realize that all countries practice industrial espionage, not only against enemies, but even against supposed political allies ? And do you think that your country does not spy on others ?

    Of course countries react agitated when news about espionage incidents get public, and they try to protect their assets. But everyone knows that espionage is a fact of life you have to deal with.

    I wonder whether Americans think that France should have attacked them when the NSA assisted US companies by providing intercepted offers from French defence companies regarding the sale of military equipment to Brazil, enabling the American to provide a better offer compared to their French competitors, ensuring that the American companies got the deal.

  4. Is anyone else wondering why if who ever launch this attack didn't want to get noticed they would go after Human Rights Activist accounts… and why they would launch it from their own back yard? If I was a betting man, I would say that these two key points are just what who ever did this wants us to think. It's a ruse to make people think China did this. Oh I would almost bet it was a government. Just not china.

  5. The human right activists should use Linux and browsers which are rarely used for example konqueror !! Google should switch to REDHAT ENTERPRISE LINUX for all their operations !!!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>