In 2009, around Christmas time, something terrible was lurking in the network at Google. Google is the most popular website on the Internet. It’s so popular many people just think Google is the Internet. Google hires many of the most talented minds and has been online since the 90s. Hacking into Google is no easy task. There’s a team of security engineers who test and check all the configurations on the site before they go live. And Google has teams of security analysts and technicians watching the network 24/7 for attacks, intrusions, and suspicious activity. Security plays a very vital role at Google, and everything has to have the best protections. But this attack slipped past all that. Hackers had found their way into the network. They compromised numerous systems, burrowed their way into Google’s servers, and were trying to get to data they shouldn’t be allowed to have. Google detected this activity. And realized pretty quickly they were dealing with an attack more sophisticated than anything they’ve ever seen.
Podcast Recommendation
Want another great podcast to listen to? Try Twenty Thousand Hertz. Start with the episode Ultrasonic Tracking.
References
- https://googleblog.blogspot.com/2010/01/new-approach-to-china.html?m=1
- https://googleblog.blogspot.com/2010/03/new-approach-to-china-update.html
- https://blogs.adobe.com/conversations/2010/01/adobe_investigates_corporate_n.html
- https://www.marketwatch.com/story/juniper-networks-investigating-cyber-attacks-2010-01-15
- https://www.wired.com/2010/01/operation-aurora/
- https://www.wired.com/threatlevel/2010/01/hack-of-adob
- https://www.wired.com/threatlevel/2010/01/google-hack-attack/
- https://www.wired.com/threatlevel/2010/01/google-censorship-china/
- https://www.wired.com/2010/03/source-code-hacks/
- https://www.wired.com/images_blogs/threatlevel/2010/03/operationaurora_wp_0310_fnl.pdf
- https://www.wired.com/story/china-tests-limits-of-us-hacking-truce/
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2010/ms10-002
- https://www.symantec.com/security-center/writeup/2010-011114-1830-99
- https://web.archive.org/web/20100315140407/http://www.rackspace.com:80/blog/?p=800
- https://www.secureworks.com/blog/research-20913
- https://www.cio.com/article/2386547/government/-aurora–cyber-attackers-were-really-running-counter-intelligence.html
- https://www.symantec.com/connect/blogs/elderwood-project
- https://www.itproportal.com/2010/02/19/google-aurora-attack-originated-chinese-schools/
- https://en.greatfire.org/google.com.hk
- https://www.theguardian.com/technology/2012/nov/09/google-services-blocked-china-gmail
- https://www.csmonitor.com/USA/2012/0914/Stealing-US-business-secrets-Experts-ID-two-huge-cyber-gangs-in-China
- https://www.nytimes.com/2010/02/19/technology/19china.html
- https://www.justice.gov/opa/pr/first-us-china-law-enforcement-and-cybersecurity-dialogue
- http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf
- https://krebsonsecurity.com/tag/amnesty-international-hong-kong/
- http://fortune.com/2011/04/15/inside-googles-china-misfortune/
- Video demonstration of Aurora exploit
- Video of Hilary Clinton addressing media
- China responds to accusations
- President Obama and President Xi discuss cyber attack diplomacy
To read more about how Google operates and how they handled this situation internally, read the book In the Plex by Steven Levy.
Music Attribution
Theme music for this show was created by Breakmaster Cylinder.
Additional music by Epidemic Sound.
“Monkeys Spinning Monkeys” by Kevin MacLeod Licensed under Creative Commons: By Attribution 3.0 License.
Transcript
[FULL TRANSCRIPT]
JACK: [MUSIC] In 2009 around Christmastime something terrible was lurking in the network at Google. Google is the most popular website on the internet. It’s so popular that many people just think Google is the internet. Google hires many of the most talented minds and has been online since the 90s. Hacking into Google is practically impossible. There is a team of security engineers who test and check all the configurations of the site before they go live and Google has teams of security analysts and technicians watching the network 24/7 for attacks, intrusions, and suspicious activity. Security plays a vital role at Google and everything has to have the best protections but this attack slipped past all that. Hackers had found a way into the network. They compromised numerous systems and burrowed their way deep into Google’s servers and were trying to get data that they shouldn’t be allowed to have. Google detected this activity and realized pretty quickly they were dealing with an attack more sophisticated than anything they’ve ever seen.