Google password system hit in Dec cyber attack

A key Google password system that controls access by millions of users worldwide to almost all of the company's web services, including e-mail and business applications, was stolen when the search engine was hacked in an attack emanating from China, according to a media report.

The software called Gaia was intended to enable users and employees to sign in with their password just once to operate a range of services, 'The New York Times' reported, citing a source close to the investigation being conducted by Google. The intruders, who attacked Google in December last year, "do not appear to have stolen passwords of G-mail users, and the company quickly started making significant changes to the security of its networks after the intrusions," it said.

Independent experts also told the daily that the "theft leaves open the possibility, however faint, that the intruders may find weaknesses that Google might not even be aware of." In January, Google threatened to pull out of China as it blamed hackers based there for infiltrating their network and accessing e-mail accounts of Chinese human rights activists.

In March, following the persisting bad blood over censorship, cyber attacks and hacking attempts, Google closed its search service in China and re-routed its users to uncensored search engines based in Hong Kong, which are accessible in Mainland China.

The newspaper also reported that the theft began with an instant message sent to a Google employee in China who was using Microsoft's Messenger programme. By clicking on a link and connecting to a "poisoned" Web site, the employee inadvertently permitted the intruders to gain access to the user's personal computer.

This led to the hackers getting access to the computers of a critical group of software developers at Google's headquarters in Mountain View, California. "Ultimately, the intruders were able to gain control of a software repository used by the development team," the report said.

Because Google quickly learnt of the intrusion, the extent of damage that may have been caused is difficult to predict but experts have laid out some possibilities. The worst case scenario, the daily said, "is that the attackers might have intended to insert a Trojan horse a secret back door into the Gaia programme and install it in dozens of Google's global data centres to establish clandestine entry points."

It also appears that hackers, in Google's case, had precise knowledge about the names of Gaia software developers. "They first tried to access their work computers and then used a set of sophisticated techniques to gain access to the repositories where the source code for the programme was stored," the report said.