The Last Watchdog

on Internet security by Byron Acohido

Google faces profound liability concerns over Gaia password breach

Posted on April 21, 2010 | 1 comment

If hackers earlier this year truly absconded with the detailed software coding that undergirds Google’s Gaia password system, as reported by the New York Times this week, the search giant could be facing complex security and liability issues for some time to come, security and tech industry analysts say.

“Google now has an incalculable liability to all its users and business, government and foreign government customers whose personal information and secrets have been made available to who knows whom,” says Scott Cleland, tech industry analyst at research firm Precursor. “Google could be liable for the largest identity theft in history, and one of the largest corporate breaches ever.”

The Times quotes “someone with direct knowledge of the investigation” as the source of the revelation that thieves are in possession of the software program that controls the logons to all Google accounts, including tens of millions of Gmail, Google Docs and Google Apps accounts.

The Times says the breach was initiated by an Instant Message that lured a specific Google employee, presumably a Gaia developer or someone close to a Gaia developer, to click on an infected web link. But it’s not at all clear whether the hackers targeted Gaia to begin with — or just got lucky.

Either way, “this appears to be a pretty spectacular hit,” says Eddie Schwartz, chief security officer at security firm NetWitness. However, it was by no means a unique one. Military organizations and defense contractors are very familiar with such hacks, and have experienced comparable losses of high-value digital assets. “There have been numerous thefts of equal magnitude over the past five years,” says Schwartz.

The Google breach occurred along with similar attacks on some 30 other large multi-national companies. It prompted Google to complain to the Chinese government. And last month the search giant followed through on its threat to close down its Beijing office and pull out of China.

Jon Ramsey, chief technology officer at SecureWorks, says those attacks underscored how cyberthieves who previously focused on military agencies and defense contractors have shifted to easier corporate targets. “Targeting security controls is not new and the value of being able to subvert a control is well understood,” says Ramsey. “Cybercriminals are now moving outside of the defense industrial base to the intellectual property of American-based companies that are global and in highly competitive markets.”

In gaining access to tens of millions of Google accounts — accounts widely used in the business world — the hackers hit a mother lode. The Internet underground is very efficient. By now Gaia’s coding likely has been reverse-engineered. And schemes are probably underway to use the knowledge gained to locate and break into Google accounts used by key employees at companies deemed to possess valuable intellectual property, experts say.

By Byron Acohido

Comments

  1. Most countries in the third world never respect intellectual property rights. Piracy is so rampant in Asian countries.
