Report: Attack on Google aimed at password system

Apr 20, 2010, 17:59 GMT

San Francisco - The cyber attack that prompted Google's decision to withdraw its search service from China was aimed at infiltrating the password system that controls the access of all Google users to the company's online services like Gmail and business applications, according to a report Tuesday in The New York Times.

The still unidentified computer hackers managed to gain access to Google's servers through the computer of a programmer whom they contacted via a Microsoft Messenger instant message, and whom they tricked into opening a link to a poisoned website that gave them control of his computer. This allowed the hackers to access a network used by a critical group of developers at Google's headquarters in Mountain View, California.

According to the report, which quoted 'a person with direct knowledge of the investigation,' the intruders did not manage to steal Google passwords. Google made significant changes to the security of its networks to prevent similar attacks on the future.

The attacks occurred over two days in December, and according to Google statements at the time appeared to target the accounts of human-rights activists in China, prompting the company to announce that it would no longer abide by the self-censorship of search results demanded by the Chinese government as a condition for operating in the country. Since then Google has moved its main Chinese language search engine to Hong Kong, and the Chinese government blocks access to many results that it finds objectionable.