The conflict between US search giant Google and the Chinese authorities has been well documented in the media and as each day passes the division between the two parties is deepening rather than diminishing. The first shots were apparently fired by a group of Chinese hackers who broke into the GMail accounts of human rights activists and since that event there have been attempts to blame Google’s use of the cloud and its perceived security flaws for the breach.
Google has been swift to deny that the attack was made possible because of the cloud platform it uses for its services and security experts have supported this claim with hard evidence.
A blogger working for security vendor McAfee posted information relating to the means by which the hackers were able to hijack the GMail accounts of Chinese dissidents, laying the blame upon certain versions of Internet Explorer.
According to reports the hackers sent targeted emails to certain Google staff members who were known to posses the means to access personal information. A link embedded in the email led to a phishing site where malicious code was installed invisibly using an Internet Explorer exploit.
Once the malicious software had infected the users’ PCs, the hackers were able to take control of all of its resources, including sensitive data which was then copied to a server operated by the criminals.
McAfee executive George Kurtz said in a statement that the complexity of the software involved in the hack was impressive, enabling the hackers to dig deep into Google’s network whilst avoiding detection.
Google’s Scott Rubin confirmed McAfee’s findings, saying that the issue was in no way related to cloud computing, but instead rooted in hacking that relied on human error rather than fundamental security issues with its various cloud-based services.
Despite the reassurances, some are calling for Google to focus less on the convenience of cloud computing and more on the security benefits that it offers. Instilling its users with confidence in its products is important after the recent hacks, says a member of a consumer watchdog group John M. Simpson.
