Alphabet's Security Start-Up Wants To Offer History Lessons (nytimes.com) 38
Chronicle, a security start-up owned by Google's parent company, Alphabet, plans on sharing what it learned from a cyberattack against Google nearly ten years ago. The hack was conducted by the Chinese military and was "one of the most starting cyberattacks on an American company by government-affiliated agents," reports The New York Times. The lessons it learned from that incident will be brought to other companies through a widely anticipated new product called Backstory. From the report: The idea, company executives said, is simple: Backstory will make Alphabet's vast storage, indexing and search abilities available to other companies, allowing them to search through giant volumes of data, going years back, to trace the back story of a malicious attack. Chronicle is hardly the only company doing this. Dozens of companies promise so-called big data threat intelligence and storage. But many of their customers can't afford to pay to search through huge amounts of information. Chronicle will charge customers by their number of employees.
The hack on Google, called Operation Aurora, was historic for an unusual reason: It was the first time a Chinese government hacking victim confronted its attacker. Inside the company, Sergey Brin, one of Google's co-founders, made it his personal mission to make sure something like Aurora never happened again. Google, known for its motto "Don't Be Evil," had a new motto about its cybersecurity: "Never again." Google poached cyberexperts from the National Security Agency and Silicon Valley. It built a threat analysis group on a par with those at the top intelligence agencies and designed a new security infrastructure. It also created a new team, called Google Project Zero, to hunt for critical security flaws in technology outside Google. Chronicle was founded by Mike Wiacek, who started Google's threat analysis group after studying threats at the N.S.A., and Stephen Gillett, the former chief information officer at Starbucks and chief operating officer at Symantec.
The hack on Google, called Operation Aurora, was historic for an unusual reason: It was the first time a Chinese government hacking victim confronted its attacker. Inside the company, Sergey Brin, one of Google's co-founders, made it his personal mission to make sure something like Aurora never happened again. Google, known for its motto "Don't Be Evil," had a new motto about its cybersecurity: "Never again." Google poached cyberexperts from the National Security Agency and Silicon Valley. It built a threat analysis group on a par with those at the top intelligence agencies and designed a new security infrastructure. It also created a new team, called Google Project Zero, to hunt for critical security flaws in technology outside Google. Chronicle was founded by Mike Wiacek, who started Google's threat analysis group after studying threats at the N.S.A., and Stephen Gillett, the former chief information officer at Starbucks and chief operating officer at Symantec.
Re: (Score:1)
"At this point, what does it matter?"
Re: (Score:2)
"At this point, what does it matter?"
The Crown Prince of Saudi Arabia likes your way of thinking and would like to hire you as a publicist.
Most Starting (Score:3, Funny)
It was the bets of hacks; it was the wurst of hacks.
Re: Most Starting (Score:1)
I was so started to read that.
Believe?!? (Score:1)
Sure I will absolutely trust DIGITAL data coming out of Alphabet/Google as the truth, knowing full well, they could fabricate the entire, so called, evidence trail in a lazy afternoon.
Sorry either analogue or it is B$ and backed by what the NYT has become, it looks even worse.
So what, now that Russiagate has collapsed it's pick on the China, this after Alphabet/Google worked on creating a customised fully censored search engine for the government of China government, so what they don't want to pay for it a
Re: (Score:1)
I remember this part of art of war. (Score:1)
Art of war tactic or just plan old stupidity
I remember in art of war when it said
"And give your enemies false search with no ads. They will be pleased. Show them irrelevant searches so that they believe it is relevant when it is not. Show them scat when they have explicitly enabled safesearch and their men will be distracted and demoralized with images of goatse, tubgirl, and poopface.jpg. If you do these things then victory is yours before the first sword is drawn."
--Sun Tsu
How ironic (Score:2)
And yet they still let Android TVs browse through other customer's private photo collections. How great their experts must be.
Re: (Score:3)
Re: (Score:2)
You're correct in principle, but taken to an extreme it would mean rewriting all apps for any vulnerability discovered. In that sense all security fixes are "bolted on" to existing applications/networks. It's true that designing for security up front makes things much more secure in general but it still isn't a panacea. Business needs, second system effect, etc...
Re: How ironic (Score:2)
Known at the time. (Score:1)
Google, knownat the time for its motto "Don't Be Evil,"...