New details have leaked out regarding the cyber-attack on Google in December.
According to a report in The New York Times, the attack hit Google’s password system, code-named Gaia. The program is still used under the name Single Sign-On and allows users to sign in only once with their password to operate e-mail and business applications.
Google disclosed the attack on Jan. 12, announcing it had uncovered “a highly sophisticated and targeted attack” that also struck numerous other companies as well. According to Google, the primary goal of the attack was to access the Gmail accounts of Chinese human rights activists, an effort that failed – though Google has admitted two Gmail accounts were accessed. The information taken from those accounts, however, was limited to information such as the date the account was created, the company has said.
Citing a source close to the investigation, the Times reported the incident started when a Google employee clicked on a malicious link sent via instant message. As a result, the computer was infected and attackers ultimately gained control of a software repository used by the development team.
The attackers reportedly first tried to access the developers’ work computers and then used a “set of sophisticated techniques to gain access to the repositories where the source code for the program was stored,” the Times reported.
The breach triggered months of controversy that culminated in Google closing the Chinese version of its search engine and redirecting users to google.com.hk.
Google spokesperson Jay Nancarrow said the company was not going to comment on the issue beyond what was said in January.