Cyberattack on Google Said to Hit Password System

Cyberattack on Google Said to Hit Password System
Cyberattack on Google Said to Hit Password System 

By John Markoff
The New York Times
April 19, 2010

Ever since Google disclosed in January that Internet intruders had 
stolen information from its computers, the exact nature and extent of 
the theft has been a closely guarded company secret. But a person with 
direct knowledge of the investigation now says that the losses included 
one of Google's crown jewels, a password system that controls access by 
millions of users worldwide to almost all of the company's Web services, 
including e-mail and business applications.

The program, code named Gaia for the Greek goddess of the earth, was 
attacked in a lightning raid taking less than two days last December, 
the person said. Described publicly only once at a technical conference 
four years ago, the software is intended to enable users and employees 
to sign in with their password just once to operate a range of services.

The intruders do not appear to have stolen passwords of Gmail users, and 
the company quickly started making significant changes to the security 
of its networks after the intrusions. But the theft leaves open the 
possibility, however faint, that the intruders may find weaknesses that 
Google might not even be aware of, independent computer experts said.

The new details seem likely to increase the debate about the security 
and privacy of vast computing systems such as Google's that now 
centralize the personal information of millions of individuals and 
businesses. Because vast amounts of digital information are stored in 
one place, popularly referred to as 'cloud' computing, a single breach 
can lead to disastrous losses.


Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 

Site design & layout copyright © 1986-2015 CodeGods