Skip to main content

Gmail attack shows growing cybercrime sophistication

By Kevin Voigt
Click to play
Phishing attacks come from China?
  • Analysts say 'the bad guys are winning' the international war against cyber crime
  • Hundreds of Gmail users targeted in latest phishing scam
  • Growth of social media sites offers more opportunities for cyber criminals

(CNN) -- In the cyber war being fought across international boundaries, the recent Gmail hack of top U.S. and South Korean officials makes one thing clear, analysts say: the bad guys are winning.

"The short answer is our side is losing," says Thomas Parenty, a computer security specialist and former employee at the U.S. National Security Agency. "Defense is much more difficult than offense (against cyber attack); to defend against attack, you need to block all ways in; in offense, you only need one way in."

On Wednesday Google announced that hundreds of Gmail accounts were compromised in a "spear-phishing" assault -- targeted attacks that duped victims into revealing their Gmail passwords through e-mails that pose as people or companies known to end user. Attackers secretly reset settings to copy and forward all e-mails.

"The goal of this effort seems to have been to monitor the contents of these users' emails," wrote Eric Grosse, engineering director of Google's security team, on the company blog.

The attack comes days after a spate of high-profile cyber attacks. Lockheed Martin announced on Saturday a "significant and tenacious attack" on its information systems network, and Sony's temporary shutdown of its online gaming network after hackers had stolen personal information for as many as 77 million accounts.

Protecting yourself in a virtual world
  • Google Gmail
  • Google Inc.
  • Hacking

The level of sophistication of attacks shows the growing difficulty in guarding against cyber criminals. "I long for the days of the Melissa and 'I love you' computer viruses," says Parenty, referring e-mail viruses that circulated the globe in 1999 and 2000, respectively.

"In the olden days -- some five years ago -- you could give standard advice on safe computer behavior, like don't go to sketchy web site and don't open e-mail attachments from people you don't know," says Parenty, author of the book "Digital Defense." "Now you don't have to go to a porn site to get infected ... and (scammers) have enough information about you they can create an e-mail that seems like someone you know."

In the latest Gmail attack, users were given a link to click that connects to what appears to be Gmail logon page -- but instead is a dummy site that appears identical. Once the victim clicks in their password, the thieves can use it themselves.

Google has advised Gmail users to improve their e-mail security settings by using a two-step authentication procedure -- a password, plus a rotating six-digit code.

"One of the things Google is now recommending is industrial strength security measures for ordinary users," said Andrew Lih, professor at University of Southern California and author of "The Wikipedia Revolution." "Not only is it using something you know, like a password, but something you have in hand, like an iPhone app."

The growth of social media sites have also grown the opportunities for cyber criminals to get information that can be used in a personalized attack.

"With things like Facebook people are quite comfortable giving information on themselves," said Vincent Goh, Asia Pacific vice president of RSA, the maker of online security devices. That gives criminals more bait through which to 'spear-phish' -- a much more targeted attack that uses personal information to get recipients to drop their guard and reveal personal data such as passwords.

"Say tomorrow is your birthday, and you get a message from a friend saying they've sent you a birthday present -- just click on this link," Goh explains. "It makes it seem much more valid, and that is the fundamental way that 'spear-phishing' works."

"Consumers are definitely under attack, and consumers will always be one or two steps behind the hackers," Lih added.