27 Nov

Network Security: Chinese Hackers, Google, and the NSA

It is a good idea to have a few anecdotes in your back pocket to put I.T. Security and the importance of I.T. Audit into context. This article by Shane Harris is a great place to start when it comes to understanding the depth and breadth of Chinese Hacking and protecting your company’s and your client’s data.

Hacked by the Chinese Government

Google uncovered evidence of one of the most extensive and far-reaching campaigns of cyber espionage in U.S. history. Evidence suggested that Chinese hackers had penetrated the systems of nearly three dozen other companies, including technology mainstays such as Symantec, Yahoo, and Adobe, the defense contractor Northrop Grumman, and the equipment maker Juniper Networks…

The only things Google seemed certain of was that the campaign was massive and persistent, and that China was behind it. And not just individual hackers, but the Chinese government, which had the means and the motive to launch such a broad assault.

Google-NSA Partnership

On the day that Google’s lawyer wrote the blog post, the NSA’s general counsel began drafting a “cooperative research and development agreement,” a legal pact that was originally devised under a 1980 law to speed up the commercial development of new technologies that are of mutual interest to companies and the government. The agreement’s purpose is to build something — a device or a technique, for instance…

It’s not clear what the NSA and Google built after the China hack. But a spokeswoman at the agency gave hints at the time the agreement was written. “As a general matter, as part of its information-assurance mission, NSA works with a broad range of commercial partners and research associates to ensure the availability of secure tailored solutions for Department of Defense and national security systems customers,” she said. It was the phrase “tailored solutions” that was so intriguing. That implied something custom built for the agency, so that it could perform its intelligence-gathering mission. According to officials who were privy to the details of Google’s arrangements with the NSA, the company agreed to provide information about traffic on its networks in exchange for intelligence from the NSA about what it knew of foreign hackers. It was a quid pro quo, information for information.

IT Audit and Security Considerations

A huge – and often neglected – part of I.T. Audit and Security services is providing context to clients. To help them make decisions that are in the best interest of their company and their customers. Having an understanding of events as described above go a long way toward establishing credibility.

In short – if cyber security is important enough for Google, important enough for the U.S. Government, and important enough for the two to develop secret technologies – it should be an important component of any corporate risk strategy.

One thought on “Network Security: Chinese Hackers, Google, and the NSA

  1. Chrisitan,
    I’d suggest adding some reasons as to WHY cybersecurity “should be an important component of any corporate risk strategy”. That’s what mgmt always wants to know.

    Then auditors can take the general reasons and tune them to the specifics of their corporation. And add the probability of such occurrences based on outstanding audit issues and company strategies in THEIR OWN environment.

    I’ve found that identifying risks that directly related to current control and security holes helps mgmt believe it really could happen to them. Mgmt seems to see current failures in isolation and they don’t understand how someone could string some of them together and really poke them in the eye.

    That’s the value that an auditor or security pro should provide.

Leave a Reply