Hackers access Google's Australia branch

Now it can be told: Hackers managed to access Internet giant Google's Australia facility recently, no thanks to an unpatched software system, a tech site reported.

 

But this episode had a happy ending of sorts, as the hackers notified Google instead of doing something nasty, PC World reported.

 

The computer security researchers with Cylance found Google’s Australia branch was using an unpatched version of Niagara, a software system managing control systems in buildings.

 

"Cylance didn’t do anything malicious and notified Google of the problems, and the company 'quickly pulled offline' the system, Rios wrote. But the company’s researchers did take a peek at the system, which allowed them to see a third-floor map of the office revealing its water and HVAC systems," PC World said.

 

"We’re grateful when researchers report their findings to us. We took appropriate action to resolve this issue," it quoted a Google spokeswoman as saying Tuesday.

 

Cylance technical director and director of consulting Billy Rios said they were researching industrial control systems, which involved scanning the Internet for vulnerable devices.

 

The researchers wrote a custom exploit to extract a configuration file that contained the user names and passwords for authorized users.

 

They then used custom tools to decrypt the passwords and open the software for takeover.

 

"It would have been possible for the researchers to 'root' the control system, or maintain persistent, complete access to it. Google said the access the researchers had would have only allowed them to manipulate the building’s heating and cooling," PC World said. — TJD, GMA News