The company’s statement contradicts Google’s assertion that the attacks were orchestrated by professionals and were most likely directed by the Chinese government. The Damballa report also claims that the attacks most likely weren’t targeted, as Google suggests, but instead were fairly generalized.
At the time, Google stated “We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”
Apparently the attacks on Google can be traced back to July 2009 and some test runs of a botnet. By December, when Google became aware of the hacker’s work, at least seven countries had already been affected by the attacks. By January 12, 2010, the number of affected countries had jumped to 22.
By mid February, a U.S. government investigation had linked a Chinese security expert’s work to the attacks, and seemed to tie his research to government activities.
“Based on a thorough analysis of deeper data surrounding the attacks… it appears that Aurora can be best classified as just another increasingly common botnet attack, and one that is more amateur than average,” the Damballa report said.
Using more rudimentary tools to carry out a cyber attack don’t necessarily rule out government involvement. They do, however, serve as a reminder that even unsophisticated attacks can be effective when given enough time.
[Thanks to Computerworld for the heads up.]