More information is coming out about Chinese hackers who attacked American e-mail accounts, including those from Gmail and Yahoo. It seems that many personal accounts of American government officials were targeted. From the Guardian:
The attacks on the US government officials by China-based hackers targeted personal accounts, rather than trying to break into better-secured federal systems. Not only Google’s Gmail was targeted; Yahoo accounts are also known to have been among those hit. It is not known whether any accounts on Microsoft’s Hotmail system were hit.
It would be illegal for US government staff to use a personal email account for government work, partly because it would not fall under the Freedom of Information Act, which is meant to apply to all intra-government communication.
However, as Mila Parkour, the Washington-based IT specialist at the security specialists Contagio Malware Dump who first spotted this points out, the emails would have looked as though they were being forwarded, which would often mean being read “at home in a relaxed atmosphere, which helps to catch the victim off guard, especially if it appears to arrive from a frequent contact.” She adds that “some people have a habit of forwarding messages from enterprise accounts to their personal mail for saving or easy reading at home, which may potentially offer some sensitive information.”
The fact that the hackers knew the personal email accounts of the people they were targeting points to very extensive inside information that would take a remarkable amount of intelligence-gathering and research – and highlights questions over the motives of the hackers.
In reality, however, the Gmail attacks were not really a “hack” but rather a “phishing” attack, in which users were tricked into revealing their passwords. From Fast Company:
“Gmail Hack” was scattered across media headlines yesterday, inciting the rumor that
« Back to Article