By Daily Mail Reporter

• Google said U.S. government officials targeted
• Security breach larger than previous Gmail attacks
• Pentagon warn U.S. may retaliate with military force
• Hackers also target military contractor that supplies unmanned aerial vehicles
• Beijing denies being behind attack 
  

Senior U.S. government officials have been targeted by hackers in China,Google has revealed.

The internet giant said that hundreds of Gmail users, including top government officials, have become the victims of cyber attacks.

The security breach was revealed as the Pentagon warned that the U.S. may retaliate with military force against countries that sabotage its computers.

The hackers used a massive phishing scheme to break into accounts and have been able to monitor victims’ emails and alter forwarding settings.

 

The accounts were hijacked using stolen passwords that were obtained using malware on victims’ computers and by victims responding to emails from hackers.

But the Chinese government today denied that it was behind the hacking. 

A government spokesman said: 'Hacking attacks are an international issue. China is also a victim," Hong Lei told a regular press conference. "The so-called statement that the Chinese government supports hacking attacks is a total fabrication out of nothing. It has ulterior motives.'

Google said that the latest attack was believed to have been executed fromJinan, China.

The company said that it had notified victims including U.S. government personnel, South Korean government officials and federal workers in several other Asian countries.

 

The cyber attack is believed to be larger than a security breach one year ago when the Gmail accounts of Chinese human rights activists were broken into, but Google itself was not hacked.

That attack eventually led to Google ending its agreement with the Chinese government to censor search results and the company moved its servers out of the country.

The company urged users to ‘please spend ten minutes today taking steps to improve your online security so that you can experience all that the Internet offers - while also protecting your data.’

Google said that it had successfully disrupted the hackers’ latest campaign.

On Wednesday security experts also raised serious concerns after hackers were thought to have broken into the network of another U.S. military contractor.

Cyber attackers are believed to have successfully breached security systems atNorthrop Grumman, who supply the military with aircraft and air defence systems.

Analysts warned that aircraft supplied by the company include unmanned aerial vehicles that can be controlled by computers.

‘If adversaries get that technology, we may not be the one that controls those weapons,’ Charles Dodd, an information warfare consultant at Nisrad Cyber Research Institute, told Fox News.

The latest attack follows security breaches at Lockheed Martin and L-3 Communications who were both targeted using remote-access security tokens.

Northrop Grumman shut down remote access to its network without warning, leading to speculation that it was the victim of a similar attack.

‘We do not comment on whether or not Northrop Grumman is or has been a target for cyber intrusions,’ spokesman Margaret Mitchell-Jones told FoxNews.

‘As a leader in cybersecurity, Northrop Grumman continuously monitors and proactively strengthens the security of our networks.’

The Pentagon said it was launching its first ever strategy on how to fight the escalating cyber attacks.

Anxious to contend with growing internet incursions linked to Russia and China, U.S. military chiefs have reportedly agreed that the most serious sabotage attempts should constitute an act of war.

The document – due to be published next month but whose contents were leaked to the Wall Street Journal – is designed to tackle a changing world in which computer hackers could cripple America’s financial markets or public transport systems.

‘If you shut down our power grid, maybe we will put a missile down one of your smokestacks,’ a military official told the Journal.

Officials said America wants to warn  hostile countries that they cannot get away with cyber warfare with impunity.

Instead, the U.S. argues that the existing international rules of armed conflict will apply in cyberspace.

Consequently, its level of retaliation for a cyber attack would be in proportion to the same amount of ‘death, damage, destruction or high-level disruption’ caused by a conventional military attack.

For example, an attack on the transport system that closed down as much commerce as would a naval blockade could be considered an act of war, said James Lewis, a cyber security expert who has advised the Obama administration.

The 30-page Pentagon document will also stress the importance of finding a consensus in this area with allies such as Britain.

This weekend unknown hackers broke into the security networks of Lockheed Martin Corp and several other U.S. military contractors.

They breached security systems designed to keep out intruders by creating duplicates to 'SecurID' electronic keys from EMC Corp's RSA security division, an anonymous source told Reuters.

It was not immediately clear what kind of data, if any, was stolen by the hackers.

But Lockheed's and other military contractor networks house sensitive data onfuture weapons systems as well as military technology currently used in battles in Iraq and Afghanistan.

Security experts say that it is virtually impossible for any company or government agency to build a security network that hackers will be unable to pierce.

The Pentagon, which has about 85,000 military personnel and civilians working on cybersecurity issues worldwide, said it also uses a limited number of theRSA security keys, but declined to say how many for security reasons.

The hackers learned how to copy those electronic keys with data stolen from RSA during a sophisticated attack that EMC disclosed in March, according to the source.

EMC declined to comment on the matter, as did executives at major defence contractors.

Lockheed, which employs 126,000 people worldwide and had $45.8 billion in revenue last year, said it does not discuss specific threats or responses as a matter of principle, but regularly took actions to counter threats and ensure security.

SecurIDs are widely used electronic keys to computer systems that work using a two-pronged approach to confirming the identity of the person trying to access a computer system.

They are designed to thwart hackers who might use key-logging viruses to capture passwords by constantly generating new passwords to enter the system.

The SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret PIN before they can access the network. If the user fails to enter the string before it expires, then access is denied.

EMC disclosed in March that hackers had broken into its network and stolen some information related to its SecurIDs. It said the information could potentially be used to reduce the effectiveness of those devices in securing customer networks.

EMC said it worked with the Department of Homeland Security to publish a note on the March attack and provided Web addresses to help companies identify where the attack might have come from.

< Prev		Next >