U.S. intelligence sources said China's attack on Google that was made public
earlier this year appeared aimed at obtaining high-technology secrets
related to cloud computing - an innovative method of digital development
that uses shared systems on the Internet.
Cloud computing allows people and institutions to share physical
infrastructure, increase corporate agility and sharply reduce computing
costs.
China's search eninge: Baidu
_____
The use of cloud computing is said to have the potential to improve security
of data as the result of the centralization of data and increasing
security-focused resources.
Google is known to be researching cloud computing as a future market and
thus its work on the subject is believed to have been the target of the
sophisticated Chinese-origin computer attacks on Google and other high tech
companies last year.
On Jan. 12, Google chief lawyer David Drummond wrote that "in mid-December,
we detected a highly sophisticated and targeted attack on our corporate
infrastructure originating from China that resulted in the theft of
intellectual property from Google."
At least 20 other companies also were targeted. Drummond stated that the
primary goal of the attack was gaining access to Gmail accounts of Chinese
human rights activists.
U.S. officials and security specialists familiar with the incidents
revealed, however, that much more sensitive corporate information was
compromised.
"The attack was very targeted. It targeted engineers and quality assurance
developers, people with very high levels of access in the organization,"
said George Kurtz, chief technology officer for computer security firm
McAfee, who investigated the attack for several of the affected companies.
"The infections were actually very few. It wasn't like a mass infection
across a large organization. It was very targeted."
In addition to cloud computing secrets, the Chinese also are believed to
have obtained access to Google's unique search engine and data-mining
technology that could be applied to China's rival government-controlled
search engine known as Baidu.
Deputy Secretary of Defense William Lynn said last week cloud computing is
among the cutting edge concepts targeted by cyber attackers.
"It's only in the last couple of years you've started to hear about cloud
computing," Lynn said. "But it's clear that there's enormous potential in
this concept of cloud computing. Some of our most advanced companies are
already moving there and the department has to think about, how do we take
advantage of that?"
Asked if cloud computing makes defense networks more vulnerable to attack,
Lynn said: "I think it makes it less. Because you are able to put your
defenses around the cloud in a way that you can't put it around individual
computers. You're less dependent on individual users taking the right steps
to protect their hardware."
"Cloud computing also could make it more difficult for the foreign
intelligence service that used a flash drive in 2008 to penetrate classified
networks of the U.S. Central Command," Lynn said.
"So I mean you, again, have to be very careful and you have to do this with
the appropriate steps, but I think cloud computing has some potential to
improve our security," Lynn said.
Lynn, appearing on PBS Oct. 18, also said offensive cyberwarfare
capabilities are being developed, in addition to cyber defenses.
"You can't talk too much about that. You can get very classified very
quickly. But I think one of the things about the offense is the way the
Internet was developed. It wasn't developed with security in mind. It was
developed with ease of introduction of new technology; it was developed with
transparency, with expansion in mind, but not security."
As a result, "you find that the offense has enormous advantages in
cyberspace," Lynn said. "And one of the things I think we want to think
about over the long haul is, is it possible to balance that out over so that
you make the Internet a more secure environment."
Source: http://www.geostrategy-direct.com/geostrategy-direct/secure/2010/11_03/ba.asp?
