I’ll file this under “Conspiracy Theories” for now, but security vendor Imperva’s CTO Amichai Shulman said the prevailing explanation for the Chinese hacking incident just doesn’t add up – and it might be a ploy to boost downloads of Google’s Chrome web browser.
Currently, most media reports cite a Microsoft Internet Explorer security flaw as the attack vector for the high-profile security breach, as widely touted by anti-virus maven McAfee. In an e-mailed statement, Shulman had a different theory.
“First, why are Google employees using IE and not Google’s own browser, Chrome? This doesn’t make sense,” explained Shulman.
“Second, to execute an attack this sophisticated, it likely occurred as a result of spear phishing Google employees to gain access to Google users’ credentials. A hacker would have to jump through many hoops inside an internal network. This requires network—not browser—vulnerabilities so that the attacker can communicate with malware inside Google’s internal network,” explained Shulman.
“Unfortunately, blaming Microsoft is all too easy and it’s leading to a panic. France and Germany are now recommending that their citizens not use Internet Explorer given its role in the recent Google hacking incident,” he said, citing today’s decision by the leading European governments. “Could this be a clever way to boost Google Chrome downloads?”
Microsoft thanks the following companies for working with us and for providing details of the attack:
- Google Inc. and MANDIANT
Er, erm. Eh.
At least Imperva’s take makes a good story. I e-mailed Rob Rachwald with Imperva, who e-mailed me Shulman’s statement originally, for clarification.