Establishing Digital Trust: Don't Sacrifice Security for Convenience
"This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists," Eric Grosse, engineering director, Google Security Team wrote in a blog post.
Grosse added that the goal of the campaign was apparently to use the stolen email passwords in an attempt to reroute email.
"Google detected and has disrupted this campaign to take users passwords and monitor their emails," Grosse stated. "We have notified victims and secured their accounts. In addition, we have notified relevant government authorities."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iThe Chinese Government has refuted Google's allegations.
"Hacking attacks are an international problem and China is also a victim," Hong Lei, Chinese foreign affairs spokesman said in a press conference posted on YouTube.
Lei added that the Chinese government has always opposed any criminal activity that tries to harm the Internet and computers, including hacking and will punish these crimes according to the law.
"The so-called allegation that the Chinese Government supports hacking is completely fabricated with ulterior motives," Lei said.
Regardless of who was or wasn't behind the Gmail attacks, the attacks raise the issue of how secure email systems actually are. Google stressed that the attacks did not affect Google's internal systems.
"These account hijackings were not the result of a security problem with Gmail itself," Grosse stated. "But we believe that being open about these security issues helps users better protect their information online."
Among the suggestions that Google has for users to secure their email, is to use a strong password. Simple passwords can be easily guessed by hackers that perform dictionary based attacks that throw common words at a server in an attempt to break-in. Google also warns users to be suspicious of messages that ask them to send their email password.
From a defense in depth perspective, Google also suggests that users enable two factor authentication for their Google services. The two factor approach requires a second layer of authentication for an account, in an effort to make it harder for hackers to attack.