Google may shut its Chinese Web site after a "highly sophisticated" cyber attack aimed at the e-mail accounts of human-rights activists.
Google said that the attacks started in mid-December, when Google
had detected a highly sophisticated and targeted attack on its
corporate infrastructure originating from China that resulted in
the theft of intellectual property from Google. However, it soon
became clear that what at first appeared to be solely a security
incident--albeit a significant one--was something quite different.
Google added that this attack was not just on Google. The search
engine giant discovered that at least twenty other large
companies from a wide range of businesses--including the Internet,
finance, technology, media and chemical sectors--had been
similarly targeted. Google's team said that they were in the
process of notifying those companies, and they were also working
with the relevant U.S. authorities.
Evidence suggest that a primary goal of the attackers was
accessing the Gmail accounts of Chinese human rights activists,
Google said. Based on their investigation to date Google believes
their attack did not achieve that objective. Only two Gmail
accounts appear to have been accessed, and that activity was
limited to account information (such as the date the account was
created) and subject line, rather than the content of emails
themselves.
Google has also discovered that the accounts of dozens of U.S.-,
China- and Europe-based Gmail users who are advocates of human
rights in China appear to have been routinely accessed by third
parties. These accounts have not been accessed through any
security breach at Google, but most likely via phishing scams or
malware placed on the users' computers, Google added.
"We have already used information gained from this attack to make
infrastructure and architectural improvements that enhance
security for Google and for our users. In terms of individual
users, we would advise people to deploy reputable anti-virus and
anti-spyware programs on their computers, to install patches for
their operating systems and to update their web browsers. Always
be cautious when clicking on links appearing in instant messages
and emails, or when asked to share personal information like
passwords online," David Drummond, SVP, Corporate Development and
Chief Legal Officer over Google wrote on the company's blog.
"We launched Google.cn in January 2006 in the belief that the
benefits of increased access to information for people in China
and a more open Internet outweighed our discomfort in agreeing to
censor some results. At the time we made clear that "we will
carefully monitor conditions in China, including new laws and
other restrictions on our services. If we determine that we are
unable to achieve the objectives outlined we will not hesitate to
reconsider our approach to China," Drummond added.
"These attacks and the surveillance they have uncovered--combined
with the attempts over the past year to further limit free speech
on the web--have led us to conclude that we should review the
feasibility of our business operations in China. We have decided
we are no longer willing to continue censoring our results on
Google.cn, and so over the next few weeks we will be discussing
with the Chinese government the basis on which we could operate an
unfiltered search engine within the law, if at all. We recognize
that this may well mean having to shut down Google.cn, and
potentially our offices in China," Google's legal officer said.
"The decision to review our business operations in China has been
incredibly hard, and we know that it will have potentially
far-reaching consequences. We want to make clear that this move
was driven by our executives in the United States, without the
knowledge or involvement of our employees in China who have worked
incredibly hard to make Google.cn the success it is today. We are
committed to working responsibly to resolve the very difficult
issues raised," Google added.