May 22, 2013

Chinese hackers got sensitive data from Google

Chinese hackers got sensitive data from Google

Chinese hackers got sensitive data from Google

The Chinese hackers who breached Google's corporate servers 41 months ago gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government, according to a published report.

The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the US who may have been under surveillance by American law enforcement agencies.

It is unclear how much the hackers were able to discover, but former US officials familiar with the breach said the Chinese stood to gain valuable intelligence. The database included information about court orders authorizing surveillance – orders that could have signaled active espionage investigations into Chinese agents who maintained email accounts through Google's Gmail service.

When the news first surfaced in 2010, Google said hackers stole the source code behind its search engine, and targeted email accounts of activists critical of China's human rights record. But recently discovered that the hackers also obtained surveillance information, including emails belonging to suspected spies, diplomats and terrorists which law enforcement officials had been monitoring. Google reported this breach to the FBI, resulting in a national security investigation.

According to the sources, hackers were after the names of Chinese intelligence operatives who were the target of American surveillance. The extent of the compromise is not known. An FBI investigation did not uncover any evidence that the information had been used to hurt national security, and Google tightened its defenses in the aftermath.

Last month, a senior Microsoft official suggested Chinese hackers had targeted the company's servers about the same time Google's system was compromised. The official said Microsoft concluded that whoever was behind the breach was seeking to identify accounts that had been tagged for surveillance by US national security and law enforcement agencies.

The Operation Aurora attacks reportedly targeted at least 34 companies, including Adobe, Juniper, Rackspace, Symantec, Northrop Grumman, Morgan Stanley and Yahoo.

However, as with the 2010 attacks, the Chinese government has flatly denied it is involved with any of the recent hacking or cyber espionage.