
2.04.2010

Advanced Persistent Threats: The Story of How Google Was Hacked

I hope you are all ready for a sweet little bedtime story about spiders, I mean viruses.

Advanced Persistent Threats, or APTs, are a somewhat new kind of virus that has come out of China and is believed to be what was used to hack Google last year and countless other companies. Wired just did an article on this new breed of virus that is downright frightening and well worth the read. It may be a bit confusing to some, so I have made a possibly more confusing bedtime story to help you understand. Ha...

Think of an APT as an egg... let's call it a spider egg because I hate spiders. This little spider egg gets transferred to your computer when you accidentally click on a fake link in an e-mail, open a bogus .zip file, or click on one of those nasty pop-ups trying to trick you into thinking you have a virus (and because you clicked it, you now do. Doh!).

It lies dormant on your computer for several months before hatching. Much like a baby spider, instinct sets in and the APT goes off to work, undetectable. It gives itself full access to your computer and soon the entire company network. Invisible, it quietly grins as it dangles the keys to your house in front of you. It finds all your sensitive information, digs through your files and e-mails and then sends a signal to China, which we will call Mama Spider, to let her know where it is. Well, Mama Spider quickly and stealthily connects to its baby through the internet and the baby spider starts sending company and personal data to its mama.

Unfortunately for your IT folks, it's not easy to detect these viruses because the spiders make all the data look like legitimate e-mails and network data. Think of it like this... Buddy leaves for the day. "See ya Buddy. Have a good night!" - and Buddy walks out of the building. Not five minutes later you see Buddy again. "Hey Buddy, I thought you were leaving? Anyhow, have a good evening." Buddy awkwardly waves, in an almost spider-like fashion and you are like whoa... odd. Anyhow, Buddy heads down the elevator and out the door, la la... RIP, oh whoa! What the!? Buddy just tore off his face and he is really a spider hauling all our company files to Mama. "I knew that second Buddy waved like a spider!" you shout to deaf ears. No one will hear you because it's too late.

The end.

The moral of the story? Be careful!

Wow! Well, that got a bit off track and complicated. Basically, China hacked Google with the APT virus. No one knows how long their systems were infected, but it spread itself all over their computers and was churning out data long before Google realized. Wired says that thousands of companies have this going on and don't even know about it.

There is actually quite a bit more to these APTs, so I'd highly recommend you check out the full article over at Wired.

Oh and thanks to Buddy for being my example :)

