Data thieves target Google password system ‘Gaia’

20 Apr 2010

Among information stolen from Google during Chinese cyber attacks last year was a top secret password system code-named Gaia after the Greek goddess of earth.

In January, Google revealed that it and at least 20 other international companies based in China had been hit by cyber attacks originating in China and targeting human rights activists’ Gmail accounts.

The attacks were enough to perturb Google into deciding to pull out of China entirely.

However, it has emerged that the hacker attacks went further and deeper than originally revealed, not just stopping at Gmail accounts but actually at the core security of Google internationally.

The New York Times has reported that the Gaia software, still in use at Google but known as Single Sign On, was among the cyber thieves’ targets.

According to the report, Gmail users’ passwords do not seem to have been compromised but there’s a small possibility that the stolen software could reveal vulnerabilities for future use. The fear is the hackers may find vulnerabilities Google itself isn’t aware of.

One alarming theory is the data thieves could install a Trojan horse within Google’s data centres and create multiple points of entry.

The theft began when a Google employee in China, using Microsoft’s Messenger system, clicked on a link connecting to a ‘poisoned’ website which unknown to the user gave the intruders access to their personal computer and from there to a critical group of software developers at Google’s Silicon Valley headquarters.

Hours after announcing the intrusions, Google tightened up its cyber security, adding new layers of encryption to its Gmail services as well as its data centres and every workers’ PC.

By John Kennedy

Photo: Cyber attacks that originated in China and affected Google were enough to have the internet search giant withdraw from China entirely

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years