Google cyber attack: the evidence against China
Hackers in China are attacking US companies like Google with 'professional quality, organization, and discipline' – raising the specter that the government is involved in the cyber attacks.
Google's announcement yesterday that cyber attacks emanating from China "resulted in the theft of intellectual property" from the search-engine giant adds to the drumbeat of allegations of Chinese cyberattacks on US targets.Skip to next paragraph
Subscribe Today to the Monitor
Such attacks have occurred with increasing frequency in recent years, from the pilfering of e-mail systems belonging to the US Secretary of Defense to the theft of advanced weapons designs from defense contractors.
Google said its own investigation found that at least 20 other large companies from range of industries, including the Internet, finance, technology, media, and chemical sectors were similarly targeted in December. Software maker Adobe on Wednesday apparently became the first company to acknowledge that assertion, saying its corporate network, too, was attacked.
"We are still in the process of conducting our investigation into the incident," Wiebke Lips, an Adobe spokeswoman, told Computerworld. "It appears that this incident and the one Google announced earlier are related."
The sophistication of these attacks and others have led experts to suggest that the attacks have been coordinated or at least approved by the Chinese government. Some senior US officials have been particularly blunt.
"Some [attacks], we have high confidence, are coming from [Chinese] government-sponsored sites," Joel Brenner, former office of National Counter-intelligence executive told the National Journal in an interview last year.
Not the work of amateurs
The evidence is circumstantial and comes from several cases where US corporate networks have been infiltrated by hackers from China and data removed.
What the cases reveal is meticulous organization with the highest levels of technical sophistication – sophistication beyond the abilities of amateur hackers, experts say.
“These types of operational techniques are not characteristic of amateur hackers operating in widely dispersed geographic areas,” according to a recent study conducted for the US-China Economic and Security Review Commission.
In an analysis of one particular attack on a US company, the review commission stated: “Even if these were freelance operators not directly affiliated with a state or military organization, they had a professional quality, organization, and discipline."
Among the best documented accounts of a highly orchestrated and systematic cyberespionage attack came in March when Canadian researchers identified 1,295 computers in 103 countries infected by spyware and operated by a "GhostNet" or network of computers.
The Tibet connection
Unlike many viruses that infect randomly, the compromised computers of GhostNet belonged to high-value targets like embassies and nongovernmental organizations. Their common thread was the foreign policy concerns of China, the report found.
Many had a Tibet connection – including computer systems at the offices of the Dalai Lama and other Tibetan targets.