BIRMINGHAM – Last month, I related communications I had with The Jester, an individual who has decided to express his outrage at Jihadist organizations by systematically taking down their web sites. A week later, we learned that engineers at Google had been engaging in their own form of cyber vigilantism by hacking into a command and control server in Taiwan.
In what is rapidly turning into a game-changing story we got reports that 33 or more organizations succumbed to what many experts are claiming to be very sophisticated attacks against their networks with the intent of stealing intellectual property, and in the case of Google, targeted the identities of outspoken Chinese activists.
Even from the first announcement it was apparent that Google engineers had tapped into a server that was involved with the attacks they had witnessed. How else would they have discovered the other targets? This is a familiar story. It is how Shawn Carpenter got embroiled in Titan Rain in 2004. It is how the Israeli police uncovered the Israeli Trojan fiasco. It is how the SecDev researchers traced the extent of GhostNet.
I can think of two ways that Google could have hacked into a server in Taiwan without engaging in legally questionable activity. 1. They contacted the owner of the server and asked. Or 2. They were the owners of the server. Either way there are some un-answered questions in the Google-China affair.
Richard Stiennon is a security industry analyst based in Birmingham, MI. He has presented on the topics of cyber threats and cyber defense in 28 countries on six continents. He writes the ThreatChaos blog. His first book, Surviving Cyber War, is due to be published by Government Institutes in mid 2010. Stiennon?s publishing group, IT-Harvest, is a joint venture partner of MITechNews.Com. For joint advertising information, email email [email protected]
a>>
