Categories: HackingSecurity

Google data breach, Company’s Surveillance Database hacked

Chinese hackers who breached Google in 2010 are responsible for the recent violation to Google Company’s Surveillance Database according officials revelations.

Google data breach is reality and Google Company’s Surveillance Database has been violated by the same hackers who breached Google’network in 2010, the attackers have obtained the access to the company’s tracking system for management of surveillance requests from law enforcement.

The news has been published by the Washington Post and confirmed the voices on the Google data breach.

The database hacked is used by Google company to archive the court orders submitted by law enforcement who are investigating on a user’s profile, but the repository also includes classified Foreign Intelligence Surveillance Act (FISA) orders that are used in foreign intelligence surveillance investigations.

FISA is a US law which outlines practices for the physical and electronic surveillance and “collection of “foreign intelligence information” between “foreign powers” and “agents of foreign powers”, “the sections of FISA authorizing electronic surveillance and physical searches without a court order specifically exclude their application to groups engaged in international terrorism. 

The Google’s database contained precious information on surveillance activities conducted during the last years, it’s clear the purpose of the attack, it was arranged to gather information on law enforcement and intelligence agency’s investigation on Chinese intelligence operatives in the US, a former US official confirmed to the Washington Post it:

“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” 

The Post states:

“The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the United States who may have been under surveillance by American law enforcement agencies.”

In 2010 numerous companies were hacked by Chinese hackers, including Adobe and many other financial institutions and defense contractors, with a series of sophisticated cyber attacks. The attackers stolen from Google source code and also tried to access to the Gmail accounts of Tibetan activists.

The hackers that targeted Google in December also hit 33 other companies using a zero-day vulnerability in Adobe Reader to deliver malware to the victims and steal  source-code management systems to obtain the access to company source code as well as to modify it to make customers who use the application vulnerable to attack.

The Google data breach was originated in China, Secretary of State Hillary Clinton publicly condemned the intrusion requesting for the Chinese Government to give information on the attack.

Google hasn’t confirmed the impairment of its systems for processing law enforcement surveillance requests, but announced to stop collaborating with Chinese authorities for censoring Google search results in that country.

Google isn’t unique victims of this new wave of attacks, last month, a senior Microsoft official denounced that Chinese hackers had targeted the company’s systems having the same function of Google Surveillance DB about the same time that Google’s was breached.

“What we found was the attackers were actually looking for the accounts that we had lawful wiretap orders on,” David W. Aucsmith, senior director of Microsoft’s Institute for Advanced Technology in Governments, said at a conference near Washington, according to a recording of his remarks. “If you think about this, this is brilliant counterintelligence,” he said in the address, which was first reported by the online magazine CIO.com. “You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way. Presumably that’s difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That’s essentially what we think they were trolling for, at least in our case.”

According the Washington Post,  Justice Department faced with Google resistance to show evidence of the attacks providing full access to internal logs and to authorize a further forensic investigation of the breach … It is still unclear what Google provided to the investigators.

Michael M. DuBose, former chief of the Justice Department’s Computer Crime and Intellectual Property Section, commented the attacks defining them a wake-up call for the government that the overall security and effectiveness of lawful interception and undercover operations is dependent in large part on security standards in the private sector.

“Those,”  “clearly need strengthening.” DuBose said,

The incidents raise once again the need to share information on cyber attacks and data breaches, incidents like these are clear indications of ongoing sophisticated intelligence operations.

Pierluigi Paganini

(Security Affairs – Cyber espionage)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

11 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

15 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

21 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

24 hours ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office…

2 days ago

This website uses cookies.