Google Turns To NSA For China Hack Help

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved,

Send in the spooks! Google is reportedly working with the NSA to analyse the Chinese cyber-attack and to help prevent such attacks in the future

According to media reports Google has turned to the National Security Agency (NSA) to help it analyse the controversial China hack in December, and to improve its security measures.

According to the Washington Post, the NSA is working on an agreement with Google to help analyse the attack so the company can improve its defences against future security threats. The NSA did not respond to an eWEEK request for comment, and Google declined to make a statement. Google has already said however that it is working with “the relevant US authorities.”

The Post said that the agreement is being designed to allow the organisations to share information without violating any laws or Google policies regarding online privacy, and does not mean the NSA will view users’ searches or email accounts.

Reports of the deal follow weeks of controversy about the attack. Google stated the attack originated in China, and threatened to shut down its Chinese operations due to the attack and concerns about censorship.

Evidence of Chinese involvement in the attacks on Google and more than 30 other companies has been the subject of dispute, as security researchers at McAfee, for example, have identified systems in both the United States and Taiwan that were involved in the attack. Last month, Joe Stewart, director of Malware Research for SecureWorks’ Counter Threat Unit, said he found a cyclic redundancy check (CRC) algorithm in a Trojan used in the attacks that was released as part of a Chinese-language paper on optimising CRC algorithms for use in microcontrollers. However, critics argue the code has circulated outside China for years.

“The thing is, the origin of the code doesn’t really matter – it’s the prevalence,” Stewart countered. “This algorithm was posted on thousands of Chinese websites for years, but only a handful of Western sites seem to have ever seen it before the Aurora news broke, and none of those were 32-bit Windows programming sites, they were all dedicated to embedded programming.”

chinawall234.jpg

For its part, the Chinese government has denied any involvement in the cyber-attacks. In a hearing with the Senate Select Committee on Intelligence 2 February, Director of National Intelligence Dennis C. Blair called the Google attacks a “wake-up call.”

“Malicious cyber-activity is growing at an unprecedented rate, assuming extraordinary scale and sophistication,” he said. “In the dynamic of cyber-space, the technology balance right now favours malicious actors… and it is likely to continue that way for quite some time.”

Brian Ahern, CEO of Industrial Defender, told eWEEK that Blair’s comments underscore the importance of dealing with cyber-threats to the United States.

“Our operational infrastructure – the very systems at the heart of the electric grid, controlling processing operations in chemical plants and oil refineries, controlling access to our water supplies and our transportation systems – are equally at risk, and a cyber-attack to this infrastructure can cause significant threats to public safety… (and) the public and private sectors both need to acknowledge these threats of crippling attack from increasingly sophisticated enemies and take swift steps to assure that our nation’s critical infrastructure is secured,” Ahern said.