Report On Cyber Attack On Google: Understanding Attribution And Categories Of Cyber Attacks

Understanding Cyber Threats

Discuss about the Report on Cyber Attack on Google?

Cyber attack (a component of the cyber crime) specifically refers to any kind of offensive plan implemented by a group of individuals or organizations that aims to target computer information systems, computer networks, information based on infrastructure and personal computer devices by means of different kinds of malicious acts (Shackelford & Ford, 2016). The malicious acts tend to originate from an anonymous source that is associated with stealing, altering and destroying of a specified target by hacking a vulnerable system. These acts are highlighted either as cyber warfare or cyber terrorism. According to Benham & Sutherland (2013), the extent of cyber attacks have significantly increased in the recent days.  Multinational technological companies like Google have also been a victim of a cyber attack. Some researchers have highlighted the fact that the cyber attacks that took place on Google were specifically based on malicious adobe files. The present research paper will help in developing an insight knowledge regarding the understanding of the cyber attacks that took place on Google by highlighting the problem of attribution and the different categories of cyber attack. The research paper will also provide some examples of the cyber attacks that took place on Google.

People gradually took time to develop an understanding regarding the concept of cyber threat. Upon developing the understanding regarding the concept of cyber threat, the individuals and the suitable organizations took necessary steps that helped in evaluating the risk of the cyber threats in response to a particular organization (Wang et al., 2012). Google is one such organization that implemented effective methods for evaluating the risks of the cyber threats. A Cyber crime therefore represents a highly complex threat. Hackers seeking source from Google remain associated with using exceptional tactic of encryption, stealth programming and unknown hole in the Internet Explorer. Google have recently revealed that the multinational company has been the target of a highly sophisticated and synchronized hack attack that is specifically used against its corporate network. The intellectual properties had been constantly stolen and the hackers tend to access the Gmail accounts of the human rights activists. One such example of the cyber attack that took place over a series of foreign companies including Google is “Operation Aurora”. Operation Aurora was a series of cyber attacks that was conducted by a group of advanced persistent threats that included the Elderwood Group (Koch et al., 2013). The group was located in Beijing, China. The information was first publicly disclosed by in a blog post by Google on January 12, 2010. The attacks specifically originated in the mid of 2009 and continued through the month of December, 2009 (Pipyros et al., 2014). This specific attack not only affected Google but also affected other organizations like the Adobe Systems, Rackspace, Juniper Networks, Yahoo and others. Technical evidences that specifically included the IP addresses, domain names, software and malwares signature helped in revealing the fact that a group called Elderwood was behind the initiation of the Operation Aurora attack.  The particular cyber attack included other groups like the PLA Unit 61398, which is a Shanghai based advanced persistent group more commonly known by the name “Comment Crew”. They specifically sued technique that involved internal software comment features on web pages. Upon accessing the sites, the features provided a platform that infiltrated the server systems of the multinational internet service provider companies (Balbi, 2015). By obtaining trade secrets and advanced designs the attackers used to exchange foreign information’s from the available foreign networks in the foreign computers of the multinational companies which helped in successfully hacking the general information that has been shared by the company. In addition to it, the group was involved in attacking and infiltrating the second tier industry supplier’s that remain associated with making electronic and mechanical components. This helped in infiltrating the defense policies of the companies. Infiltration of the defense policies for companies like Google helped the hackers to get information of the external server that they use. This in turn helped in extracting the information about the database of Google and thus the attackers of the group infected the legimate websites which are frequently used by the employees of the target market (Bronk & Tikk-Ringas, 2013). The group Elderwood infected the less secure sites with different kinds of malware. Thus, by obtaining suitable information regarding the external source that has been published by the company, the group researchers inside the network to which the infected computers remains connected gradually downloads an updates the executive emails and the important documents from the database of the company’s profile. The important documents specifically included documents on the company’s plan, decisions and the products designs. In the blog post, Google has significantly mentioned that some of their intellectual properties have been stolen during the cyber attack (Bridges et al., 2015). The reports also suggested that the cyber attacks that were initiated were technically involved in accessing the Gmail accounts of the Chinese dissidents. The cyber attack on Google thus went to a certain extent that some of the individual’s bank account information has also been hacked by the hackers and this created a significant impact over the state security agents (Butkovic et al., 2013). However information suggests that the attackers were only being able to view the details of the accounts and the things were specifically limited to the things such as the subject line and the accounts creation date. Though the security experts were also being able to note down the sophistication of the attack, the information from the US Embassy in Beijing reported that that the Chinese Politburo has been associated with intrusion into the Google computer systems. This suggested that the attack was a part of the coordinated campaign that has been executed by the Government operatives, internet outlaws and the public security experts. Henceforth it has been revealed by Google that they had become a potential target of a highly sophisticated hack attack that is primarily of the Chinese origin (Caless & Yar, 2013). The cyber attack thus conducted on Google was specifically done to pull down the business of Google out of China. The attackers involved with the cyber attack specifically aimed in targeting the Gmail accounts of the Chinese human rights activists. The attackers that remain involved however helped in succeeding to obtain access only to the two accounts. The access was limited to for accessing the basic account information. After the completion of the cyber attack, Google spokesperson has notified the owners of the two accounts. The cyber attack helped Google to alert the people who were potentially affected by the attack. The attack on the Google also helped in investigating the threat levels of the intellectual property that the hackers obtained from Google. Though the cyber attack was being able to create a huge diversification, the information or the data’s that were obtained did not provide any business advantage to the hackers regarding the information that they obtained from Google. On the other hand, the cyber attack initiated helped the attackers to gain a suitable access over the activist’s accounts. Further investigation into the topic, helped Google to determine effectively that the attack initially originated in China and it was sophisticated and designed in a way that Google did not expect to experience in a general way (Jewkes, 2013).

Google and Cyber Threats

On the other hand source added that the implications of the attack were extremely dark and disturbing. Separate studies and investigation on the present cyber attack helped in discovering that the Gmail accounts of many human rights advocates in the United States, China and the Europe were specifically accessed by the third parties. The attacks were primarily initiated for extracting information regarding the account login credentials. As a result of the consequences, Google made suitable changes to its architecture by enhancing the security of the accounts and thus advised their clients to take precautions for protecting themselves regarding clicking of the emails and the links that are effectively displayed while doing a Google search.

Understanding the assessment of the cyber attack on Google helped in developing knowledge regarding the fact that there are many malicious factors through which the cyber attacks are caused. Low cost computer technology, widespread Internet connectivity and the availability of the external information provided the platform that engaged malicious activity (Taylor et al., 2014). The cyber attacks on Google now days are primarily carried out by different and commonly used attack vectors. Keeping aside the supply chains and the insider threats, the remote attackers take significant advantage of the product vulnerabilities, social engineering and the system misconfigurations. Since most of the actors remains associated with using similar techniques, identifying the nature of the attack might not reveal the clue for identifying the attackers that are involved. Internet and the external server of Google that forms a primary component of the shared and the integrated also get affected. The domains are shared by the citizens, businessman and the Government officials and thus it becomes very difficult to identify the medium through which the attackers attack.  The potential consequences of the Google cyber attack were not so easy to predict (Jewkes, 2013). A large number of factors thus remain s associated with which are very difficult to predict. Activity such as the network scans, data integrity breach, disruption of the service all are considered as a part of the cyber attack that took place over Google. The complex relationships between the integrated systems of Google suggest that there may be series of cascading effects some which may produce a sever effect that what its specifically intended to produce. While taking into consideration that the cyber attacks may be quite obvious and generates a quick response other cyber attacks may become hard to detect. The cyber attacks on Google thus helped in exfiltration of the data from the most sensitive system that provides a better platform that helps in understanding the critical exfiltration of the data. Thus, with the passage of time it becomes quite difficult to detect the cyber attacks thus produced and hence at certain times it becomes difficult for the company to roll back to the previous source of data that was published.   Many reports suggests that the cyber attacks and the motives that remains associated with the initiation of the cyber attack may be unknown in certain circumstances and there remains a potential consequences which may not be easy to understand under all circumstances. There are various other factors concerning the cyber attack that needs to be understood for the strategic evaluation and implementation of the response that are produced in case of initiation of any kind of  cyber attacks (Galeotti, 2014).  In a world of such diverse threats and increase allegation s of cyber crime, it is very much important the economic policies and the frameworks needs to properly improved in a way that there is a high probability of strong attribution and category that needs to be improved for monitoring the consequences of the of the cyber attack that takes place on Google and the other internet service provider companies.  In relation to different kinds of cyber crimes that have taken place in accordance with Google, the cyber crime can be effectively categorized into three main categories. The first category specifically relates to the conventional cyber crimes that include the cases in which the computers are targeted.  The secondary category specifically relates to the military cases that include extraction of the information based on the Government agencies and the amounts obtained from the Government agencies (Loader & Thomas, 2013).  The third category specifically relates to the economic cases and the other cyber events in which the government have clear philosophical differences. The third category got specifically highlighted in case of Google in which the intellectual properties were specifically highlighted in case o f the cyber attacks that has been initiated in case of Google.

Operation Aurora

From the above discussion it can be thus concluded that the cyber crimes on Google have produced an significant impact upon extracting the information that has been published. Operation Aurora is an example of one such cyber attack that produced a significant impact and thus highlighted the range of cyber attack that take place taking into viewpoint of the Google. The things helped in highlighting the change in the intellectual properties that got hacked during the cyber attacks that involved with Google.

References

Shackelford, S., & Fort, T. L. (2016). Sustainable Cybersecurity: Applying Lessons from the Green Movement to Managing Cyber Attacks. University of Illinois Law Review, 2016.

Wang, P., Lin, W. H., Kuo, P. T., Lin, H. T., & Wang, T. C. (2012, April). Threat risk analysis for cloud security based on Attack-Defense Trees. InComputing Technology and Information Management (ICCM), 2012 8th International Conference on (Vol. 1, pp. 106-111). IEEE.

Pipyros, K., Mitrou, L., Gritzalis, D., & Apostolopoulos, T. (2014, March). A cyber attack evaluation methodology. In Proc. of the 13th European Conference on Cyber Warfare and Security (pp. 264-270).

Balbi, A. (2015). Massive cyber attack at anthem: Up to 80 million individuals affected. Strategic Finance, 96(9), 11-12.

Bronk, C., & Tikk-Ringas, E. (2013). The cyber attack on Saudi Aramco.Survival, 55(2), 81-96.

Bridges, S. M., Keiser, K., Sissom, N., & Graves, S. J. (2015, April). Cyber Security for Additive Manufacturing. In Proceedings of the 10th Annual Cyber and Information Security Research Conference (p. 14). ACM.

Caless, B. (2014). Yar M.(2013). Cybercrime and Society. Policing, pau024.

Jewkes, Y. (Ed.). (2013). Crime online. Routledge.

Yar, M. (2013). Cybercrime and society. Sage.

Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.

Galeotti, M. (2014). Global crime today: the changing face of organised crime. Routledge.

Jewkes, Y., & Yar, M. (Eds.). (2013). Handbook of Internet crime. Routledge.

Loader, B. D., & Thomas, D. (Eds.). (2013). Cybercrime: Security and surveillance in the information age. Routledge.

Benham, A., Read, H., & Sutherland, I. (2013, March). Network Attack Analysis and the Behaviour Engine. In Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference on (pp. 106-113). IEEE.

Butkovic, A., Orucevic, F., & Tanovic, A. (2013, June). Using Whois Based Geolocation and Google Maps API for support cybercrime investigations. InWSEAS International Conference on Circuits, Systems, Communications, Computers and Applications (CSCCA'13) (pp. 194-201).

Koch, R., Golling, M., & Dreo, G. (2013, October). Attracting sophisticated attacks to secure systems: A new honeypot architecture. InCommunications and Network Security (CNS), 2013 IEEE Conference on(pp. 409-410). IEEE.