The Chinese hack of Google in January may be more serious than first thought, after George Kurtz, CTO of antivirus software maker McAfee, said that the hackers stole valuable source code, after they broke into the computers belonging to staff with privileged access.
Google Chief Legal Officer David Drummond wrote in a blog post 12 January that the attack on Google’s corporate infrastructure resulted in the theft of intellectual property from the search giant, though he declined to specify what the hackers stole.
Kurtz said he believes the hackers broke through the defences of at least 30 companies and maybe as many as 100. The common link? The hackers often attacked source code management software, or SCM, such as the system from Perforce Software that Google and a number of other companies employ in their operations.
According to Kurtz, hackers succeeded in stealing source code from several of their victims.
He also said the attackers would have had an opportunity to change the source code without the companies’ knowledge, although investigators had yet to find any evidence that the hackers made changes.
After a 2 March hearing before the Senate Judiciary Subcommittee on Human Rights and the Law, chaired by Durbin, examined IT industry business practices in Internet-restricting countries, Bloomberg reported that the Obama administration is considering raising the issue before the WTO. The effort would force China to publicly discuss the issue.
Durbin, meanwhile, urged Internet companies to adopt the voluntary code of conduct known as the GNI (Global Network Initiative). The code of conduct regulates the actions of technology companies operating in countries that restrict the Internet. The GNI currently has only three members: Google, Microsoft, and Yahoo. The group has shown little progress.
“With a few notable exceptions, the information technology industry seems unwilling to regulate itself and unwilling even to engage in a dialogue with Congress about the serious human rights challenges the industry faces,” Durbin said in a statement. “As a result, I plan to introduce legislation that would require Internet companies to take reasonable steps to protect human rights or face civil or criminal liability.”
In February, Durbin sent letters to 30 technology companies asking them to join the GNI and seeking more information about their business practices in China. Only AT&T, McAfee and Skype have committed to discussing joining the GNI, while Websense has indicated that it will join if the membership fee is waived.
“Facebook, Twitter, HP [Hewlett-Packard] and Apple were all asked to testify [at the 2 March hearing] and refused. McAfee agreed to testify at [the] hearing but withdrew late last week,” said a statement on Durbin’s website.
Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…
Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…
Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…
Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…
Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal
Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…