Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Google Businesses Privacy Security United States

Alphabet's Security Start-Up Wants To Offer History Lessons (nytimes.com) 38

Chronicle, a security start-up owned by Google's parent company, Alphabet, plans on sharing what it learned from a cyberattack against Google nearly ten years ago. The hack was conducted by the Chinese military and was "one of the most starting cyberattacks on an American company by government-affiliated agents," reports The New York Times. The lessons it learned from that incident will be brought to other companies through a widely anticipated new product called Backstory. From the report: The idea, company executives said, is simple: Backstory will make Alphabet's vast storage, indexing and search abilities available to other companies, allowing them to search through giant volumes of data, going years back, to trace the back story of a malicious attack. Chronicle is hardly the only company doing this. Dozens of companies promise so-called big data threat intelligence and storage. But many of their customers can't afford to pay to search through huge amounts of information. Chronicle will charge customers by their number of employees.

The hack on Google, called Operation Aurora, was historic for an unusual reason: It was the first time a Chinese government hacking victim confronted its attacker. Inside the company, Sergey Brin, one of Google's co-founders, made it his personal mission to make sure something like Aurora never happened again. Google, known for its motto "Don't Be Evil," had a new motto about its cybersecurity: "Never again." Google poached cyberexperts from the National Security Agency and Silicon Valley. It built a threat analysis group on a par with those at the top intelligence agencies and designed a new security infrastructure. It also created a new team, called Google Project Zero, to hunt for critical security flaws in technology outside Google.
Chronicle was founded by Mike Wiacek, who started Google's threat analysis group after studying threats at the N.S.A., and Stephen Gillett, the former chief information officer at Starbucks and chief operating officer at Symantec.
This discussion has been archived. No new comments can be posted.

Alphabet's Security Start-Up Wants To Offer History Lessons

Comments Filter:
  • by Anonymous Coward on Monday March 04, 2019 @09:59PM (#58216998)

    It was the bets of hacks; it was the wurst of hacks.

  • Sure I will absolutely trust DIGITAL data coming out of Alphabet/Google as the truth, knowing full well, they could fabricate the entire, so called, evidence trail in a lazy afternoon.

    Sorry either analogue or it is B$ and backed by what the NYT has become, it looks even worse.

    So what, now that Russiagate has collapsed it's pick on the China, this after Alphabet/Google worked on creating a customised fully censored search engine for the government of China government, so what they don't want to pay for it a

  • Google poached cyberexperts from the National Security Agency and Silicon Valley. It built a threat analysis group on a par with those at the top intelligence agencies and designed a new security infrastructure.

    And yet they still let Android TVs browse through other customer's private photo collections. How great their experts must be.

    • Security has to be built from the ground up. You can't bolt it on afterwards. All the programmers need to be aware of it.
      • by CODiNE ( 27417 )

        You're correct in principle, but taken to an extreme it would mean rewriting all apps for any vulnerability discovered. In that sense all security fixes are "bolted on" to existing applications/networks. It's true that designing for security up front makes things much more secure in general but it still isn't a panacea. Business needs, second system effect, etc...

        • Nah. I meant if you architect it with security in mind, if people write their queries with that in mind, you have a hope of having secure software. But if you don't build it like that, you're going to have an unending flow of security bugs.
  • Google, knownat the time for its motto "Don't Be Evil,"...

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...