Yesterday I read a disturbing post on one of my favorite security blogs.
It covers a New York Times article reporting that Google’s password system (Gaia) was compromised during a targeted attack last December (see also this post).
This ZDNet post summarizes all the posts I made about phishing, SSO and SaaS and exemplifies my argument of not taking SaaS and SSO too lightly for security reasons.
The New York Times article said the hack started with an IM message to a Google employee in China who was using Microsoft (ahaa!) MSN Messenger:
By clicking on a link and connecting to a “poisoned” Web site, the employee inadvertently permitted the intruders to gain access to his (or her) personal computer and then to the computers of a critical group of software developers at Google’s headquarters in Mountain View, Calif. Ultimately, the intruders were able to gain control of a software repository used by the development team.
People are still wondering how the 'poisoned' web site did its 'evil' job (my own quote!).
Some think it was done by using Trojan horses and installing them in Google's global data centres, but this is too difficult because of detection.
Others think it was done by having access to the source code in the software repository. For hackers that's the real jackpot!
People, this was not an impulsive attack, but a 'planned' one.
Also, if you know that other companies (Adobe, Juniper) were having similar cyberattacks, this cyberattack can't just be seen as lucky.
Cybercriminals (just plain crooks if you ask me) are trying to get the intellectual property from the companies they attack, and this damages the companies, the clients and the general adoption of the cloud.
Security breaches will always be there; we all (!) just have to be wary of them and try to diminish or eliminate the risks.
PS: One other thing: this post explains the vulnerability in Microsoft MSN Messenger and says that Microsoft will deal with it.