Dangerous Friends
I swear I read more than the FT, but again I’ve got a link to a story from today with a little more info on the Google China hacking. This one sheds a little more light on just how the hackers mad it happen:
The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were. The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent.
So it turns out it was a Internet Explorer vulnerability they exploited, which makes me ask two questions: First, why were Google folks using IE? Isn’t that why they make Chrome? Second (and much more serious), if this turns out to be a coordinated attack by the Chinese government (now it’s being reported oil companies were hit with something similar), what happens? I mean that’s pretty serious stuff. Is there a scenario where we would go to war over information security? It’s scary stuff.