Create a free account, or log in

Google suffers another cyber attack as research shows more Australian SMEs are being targeted

Internet giant Google has suffered another cyber attack it claims originated from Chinese hackers, with some US Government officials and military personnel among those individuals targeted. The new attack, detailed in its blog, comes alongside the release of a new survey from security software firm Symantec, which warns two-thirds of Australian businesses have experienced cyber […]
Patrick Stafford
Patrick Stafford

Internet giant Google has suffered another cyber attack it claims originated from Chinese hackers, with some US Government officials and military personnel among those individuals targeted.

The new attack, detailed in its blog, comes alongside the release of a new survey from security software firm Symantec, which warns two-thirds of Australian businesses have experienced cyber attacks in the past 12 months and 77% of those resulted in a loss for their business.

“The cost of these attacks is significant,” says Symantec director of SMB for Asia Pacific, Steve Martin. “One in five of those businesses targeted reported losses in excess of $100,000 combined with lost productivity, revenue, and so on.”

Google said overnight that it had uncovered a new campaign to collect user passwords through a likely phishing attempt.

“This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior US government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.”

This is only the latest hacking attempt directed at Gmail accounts. Early last year, Google recorded a massive hacking strike against software companies such as Adobe, which also sought to bring down the Gmail accounts of business officials and Chinese political activists.

The incident was deemed so serious that Google began seeking ways to leave the country and provide censor-free search results to the Chinese, although critics said this was only an attempt for Google to gain market share.

The purpose of the new attempt, according to Google, “seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings”.

“Google detected and has disrupted this campaign to take users’ passwords and monitor their emails. We have notified victims and secured their accounts. In addition, we have notified relevant government authorities.”

Such an attack highlights not only the precarious nature of cloud computing, but just how prominent cyber attacks against major multi-billion dollar organisations are becoming.

Electronics and manufacturing giant Sony has suffered perhaps one of the biggest cyber attacks in history this year after hackers managed to steal the data of millions of customers on its online PlayStation network, with the breach said to cost nearly $US200 million.

And last week, weapons manufacturer Lockheed Martin said it was the subject of an attack, while closer to home, outgoing Woodside chief executive Don Voelte said mining companies were also being targeted, from China and elsewhere.

Steve Martin says the new Symantec report is evidence of this – about 21% of businesses say the frequency of these attacks is increasing.

“This has been the number one concern for businesses for awhile, but it’s becoming so by a wider margin. Cyber attacks have continued in their prevalence against Australian companies, and are becoming much more targeted on financial gains.”

Martin says the associated costs of downtime, such as lost productivity and perhaps costs for recovering lost data, present a significant burden for any company hit with a cyber attack.

SMEs are not immune to large attacks, either. Recently the cosmetics retailer Lush was the target of a massive attack which saw credit card data compromised and brought down the company’s site, representing thousands in potential sales lost.

The key, Martin says, is understanding what data you have at your disposal and understanding how to protect it effectively.

“You need to apply the appropriate level of protection for your business and ensure it’s safe. If you’re holding credit card information, and I’m holding personally identifiable information, I need to understand how to protect it effectively.”

“If I have intellectual property in my business, or business designs, or legal documents, you need to know exactly where that information resides, and make sure you have adequate protections there.”