March 4, 2010

Chinese Google Attackers Stole Source Code

A security firm said on Wednesday that the criminals behind the cyber attacks on Google Inc. and dozens of other companies operating in China stole computer source code by breaking into the personal computers of employees with privileged access.

George Kurtz, chief technology officer at anti-virus software maker McAfee Inc., told Reuters that hackers targeted a group of employees that had control of source code management systems, which handle the myriad changes that developers make as they write software.

The details of the investigation show how breaching just one PC at a large corporation has widespread repercussions.

In January, Google said that it had detected the cyber attacks originating from China on its corporate infrastructure, which resulted in the theft of its intellectual property. 

The Chinese government said that Google's claim was "groundless" when they said the hackers were based in China.

Kurtz said he believes the hackers broke through the defenses of at least 30 companies, and possibly as many as 100.

According to Kurtz, the common link in several of the cases that McAfee has reviewed is that the hackers used source code management software from privately held Perforce Software Inc., which had customers like Google and other large corporations.

"It is very easy to compromise the systems," Kurtz said.

Perforce President Christopher Seiwald told Reuters that McAfee performed an analysis on a version of the company's software that had many of its security settings disabled.

The hackers, which have yet to be apprehended, succeeded in stealing source code from several of their victims, said Kurtz.

He also said that the criminals had the opportunity to change the source code without the companies' knowledge, perhaps adding functions so the hackers could later secretly spy on computers running that software.

However, according to Kurtz, investigators have not yet uncovered any evidence that suggest they made such changes.

McAfee has spent the past few months investigating the attacks.  The Alameda, California-based company declined to identify its clients.

Other source code management program makers include International Business Machines Corp., Microsoft Corp. and privately held Serena Software Inc.


On the Net: