By Tom Krazit
April 12, 2010
MOUNTAIN VIEW, Calif. -- Google learned some hard security lessons after
it was attacked late last year by hackers, CEO Eric Schmidt said Monday.
"Google is now particularly paranoid about that," Schmidt said during a
question-and-answer session following Google's Atmosphere 2010
conference before about 400 CIOs. After the company learned that some of
its intellectual property was stolen during an attack that originated
from inside China, it began locking down its systems to a greater degree
and accelerated plans to move to Web-based systems like Chrome OS
The attacks took advantage of a flaw in Internet Explorer 6 that was
quickly patched, although the damage had been done. More than 30 U.S.
companies were believed to be targeted by the attacks, but Google was
one of the few that publicly identified itself as a victim because "we
decided we had to tell people as a warning," Schmidt said.
He declined to get into the specifics of how the attackers penetrated
Google's security but said the attackers broke into a single system with
the outdated browser and were then able to take "a series of steps" to
wreak wider havoc. Google tightened its external defenses and moved
quickly to update all the software within its walls following the
deconstruction of the attack.
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!