Page 2 of 2
Paquette added that high-profile organizations, such as Google, needed to be adequately prepared in the almost inevitable event of a cyber attack.
“If your organization has any electronically stored information that could be of value to someone or some other organization, then you should assume that an attempt to access it will be made through some type of cyber attack or social engineering attempt,” he said. “Email accounts of government officials or political figures clearly fall into this category.”
However, whether the attacks are state sponsored, or even originate from China, is yet undetermined, security experts say.
Google was quick to publicly point to China as the source of the Gmail phishing attacks , eliciting a strong reaction from Chinese officials, who deemed the search giant’s accusations “unacceptable.”
Paquette contended that he suspected “Google has collected a great deal of data to support its claims, and that they are not overhyping the attack.”
However, other security researchers say that Google might have been too hasty in pointing fingers.
Jayson Street, security researcher and author of the book “Dissecting The Hack,” said that a phishing attack sourced from China didn’t necessarily imply that it was state sponsored.
“It’s easier to say ‘we were attacked by a nation state’ than to say ‘attackers got into our systems with a vulnerability we weren’t aware of,’’’ he said. “It’s convenient. No one’s taking the time to look at the issue.”
Marcus Carey, researcher at security firm Rapid7 and former NSA employee, said there was a strong chance that the attacks were attributed to Chinese hackers, spread by civilians running pirated software or outdated operating systems. Carey pointed out that a vast majority -- an estimated 80 percent -- of computer users in China were running pirated software.
“That means they don’t get patched,” Carey said. “They’re rampant with viruses. People don’t care what computer they use for a botnet. When you’re running bootleg software, that’s what the malware is going to do.”
Street said that another possible scenario was that the attack was launched from the U.S., or anywhere else, by hackers using a rented Chinese botnet.
“One scenario is just as likely as another scenario,” he said. “If all we do is blame China, we’re not going to find out who the real attacker are. We want to find the attackers, not just create a scapegoat. It’s not the easiest thing to do, but it’s the right thing to do.”