Gmail Spear Phishing Attack May Affect Hotmail, Yahoo Mail

By Stefanie Hoffman
June 03, 2011 7:49 PM ET

Page 2 of 2

Paquette added that high-profile organizations, such as Google, needed to be adequately prepared in the almost inevitable event of a cyber attack.

“If your organization has any electronically stored information that could be of value to someone or some other organization, then you should assume that an attempt to access it will be made through some type of cyber attack or social engineering attempt,” he said. “Email accounts of government officials or political figures clearly fall into this category.”

However, whether the attacks are state sponsored, or even originate from China, is yet undetermined, security experts say.

Google was quick to publicly point to China as the source of the Gmail phishing attacks , eliciting a strong reaction from Chinese officials, who deemed the search giant’s accusations “unacceptable.”

Paquette contended that he suspected “Google has collected a great deal of data to support its claims, and that they are not overhyping the attack.”

However, other security researchers say that Google might have been too hasty in pointing fingers.

Jayson Street, security researcher and author of the book “Dissecting The Hack,” said that a phishing attack sourced from China didn’t necessarily imply that it was state sponsored.

“It’s easier to say ‘we were attacked by a nation state’ than to say ‘attackers got into our systems with a vulnerability we weren’t aware of,’’’ he said. “It’s convenient. No one’s taking the time to look at the issue.”

Marcus Carey, researcher at security firm Rapid7 and former NSA employee, said there was a strong chance that the attacks were attributed to Chinese hackers, spread by civilians running pirated software or outdated operating systems. Carey pointed out that a vast majority -- an estimated 80 percent -- of computer users in China were running pirated software.

“That means they don’t get patched,” Carey said. “They’re rampant with viruses. People don’t care what computer they use for a botnet. When you’re running bootleg software, that’s what the malware is going to do.”

Street said that another possible scenario was that the attack was launched from the U.S., or anywhere else, by hackers using a rented Chinese botnet.

“One scenario is just as likely as another scenario,” he said. “If all we do is blame China, we’re not going to find out who the real attacker are. We want to find the attackers, not just create a scapegoat. It’s not the easiest thing to do, but it’s the right thing to do.”

<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows