As part of a sophisticated counterintelligence operation, Chinese hackers who infiltrated Google (GOOG) during a high-profile 2010 breach reportedly gained access to a secret database with information containing data about U.S. surveillance targets.
While the initial breach was revealed by Google, the apparent intent of the hackers to discover the identities of Chinese spies operating in the U.S. who were being watched by American law enforcement agencies was reported by The Washington Post.
The operation underscores the sophisticated nature of cyber espionage operations targeting major U.S. companies from hackers around the world, some of whom may be representing foreign governments.
According to the Post, it’s not clear how much information the Chinese hackers were able to glean from the attack, but the breached database contained information about court orders signing off on surveillance.
A successful attack may have given China a heads up about spies in the U.S. who kept Gmail accounts and were being investigated by the U.S.
“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” a former official told the paper.
Mountain View, Calif.-based Google declined to comment about the report.
Google initially disclosed the hack, dubbed the "Aurora" attack, in 2010, but it didn’t say the target of the attack appeared to be the secret database of court orders. Google said the hackers stole the source code for its search engine and targeted email accounts of Chinese activists.
“The Chinese government prohibits online criminal offenses of all forms, including cyber attack and cyber espionage, and has done what it can to combat such activities in accordance with Chinese laws,” a Chinese Embassy spokesman, Yuan Gao, told the paper. “We’ve heard all kinds of allegations but have not seen any hard evidence or proof.”
Google alerted the FBI about the breach of the sensitive database soon after detecting it, but the company denied access to an FBI supervisory agent working on Chinese cyber espionage cases who sought to conduct a national security investigation at the company’s headquarters, the Post reported.
Meanwhile, a Microsoft (MSFT) exec recently said Chinese hackers targeted the company’s servers in a similar fashion, searching for accounts that were under surveillance by the U.S.
However, Microsoft disputed that account in an emailed statement.
“The so-called ‘Aurora’ attacks did not breach the Microsoft network," said Matt Thomlinson, general manager of trustworthy computing and security at Microsoft.