Google's cyber woes in China may aid security firms
Wednesday, Jan 13, 2010 9:59PM UTC
By Jim Finkle
BOSTON (Reuters) - Cyber attacks on Google Inc's China operations could scare businesses and consumers into spending more on protection, benefiting security companies like McAfee Inc, Symantec Corp and Trend Micro.
Hackers frequently succeed in attacking businesses, security experts say, but companies rarely disclose the breaches because they are afraid of damaging their reputations and encouraging criminals.
"It's basically a call to arms. If Google can be hacked, it can happen to anybody," said Laura DiDio, analyst with technology research firm ITIC.
On Tuesday, Google said that in mid-December, it detected a "highly sophisticated and targeted attack" on its corporate infrastructure originating from China that resulted in the theft of intellectual property from Google.
The world's largest Internet search engine said its investigation showed that not just Google but at least 20 other large companies from a wide range of businesses, including the Internet, finance, technology, media and chemical, had been similarly targeted.
Google said it had evidence suggesting that a primary goal of the attackers was accessing Gmail accounts of Chinese human rights activists.
It said accounts of dozens of U.S.-, China- and Europe- based Gmail users who are advocates of human rights in China appeared to have been routinely accessed by third parties.
Google has threatened to quit China, the world's biggest Internet market, saying it would no longer tolerate strict censorship of its Google.cn search engine.
WHO BENEFITS FROM THE CRIME?
"People's security departments are constantly saying, 'We need more security.' Business leaders say, 'Justify that expense'," said Jeff Moss, a member of the U.S. government's Homeland Security Advisory Council and founder of the Black Hat and DEFCON computer hacker conferences.
Moss said that when Google makes a disclosure about such attacks, "It gives the people arguing for budget a really strong argument."
Google offered the anti-virus industry a free advertisement when it disclosed the attack.
"We would advise people to deploy reputable anti-virus and anti-spyware programs on their computers," Google wrote in its official blog, http://googleblog.blogspot.com.
The attacks on Google are the latest in a string of high-profile cyber attacks that Wall Street analysts said have helped security companies outperform the broader technology market.
They cited last year's April 1 "Conficker" worm attack, the "Koobface" Facebook virus, and attacks on U.S. government websites that were believed to have originated from North Korea.
Facebook said on Tuesday that its 350 million users could download a free six-month trial of McAfee's Internet Security Suite, which protects computer users from viruses and other Internet threats.
Market researcher IDC estimates that sales of security software rose 4 percent last year to $15.4 billion, even as overall technology spending declined. IDC projects that it will rise another 6 percent this year.
"Symantec and McAfee are the Batman and Superman in terms of protecting enterprises and consumers," said FBR Capital Markets analyst Daniel Ives. "The situation with Google brings the issue even more to the forefront."
Symantec, McAfee and Trend are the three largest makers of anti-virus software.
Jefferies & Co analyst Katherine Egbert said that beneficiaries of increased security spending would include Checkpoint Software Technologies Ltd, SonicWALL Inc and Websense Inc.
"Any time you have a high profile breach like this it creates a wave of awareness. That's nothing but good for the security companies," Egbert said.
(Reporting by Jim Finkle; Editing by Paul Thomasch)