Chinese hackers who breached Google’s servers several years ago gained access to a sensitive database with years’ worth of information about U.S. surveillance targets, according to current and former government officials.
The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the United States who may have been under surveillance by American law enforcement agencies.
It’s unclear how much the hackers were able to discover. But former U.S. officials familiar with the breach said the Chinese stood to gain valuable intelligence. The database included information about court orders authorizing surveillance — orders that could have signaled active espionage investigations into Chinese agents who maintained e-mail accounts through Google’s Gmail service.
“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” said one former official, who, like others interviewed for this article, spoke on the condition of anonymity to discuss a highly sensitive matter. The official said the Chinese could also have sought to deceive U.S. intelligence officials by conveying false or misleading information.
This is a classic illustration of why I have been preaching IT security to everyone. Last year at Camp Lejeune my .mil email was hacked from a location which traced back to a Chinese military academy near Beijing. The entire base, all commands, had to go on IT lock-down for several days while an analysis was done. With the right precautions in place it doesn’t matter if they gain access. A simple virus detector and firewall is not enough to keep out anyone but amateurs.
How did they hack your email with a secure keyed CAC card? Or was this before that time?