Google shocked Web users on Tuesday when it announced that it might pull out of China after Chinese human rights activists' Gmail accounts were targeted by hackers. Now, security experts have revealed that those attacks were part of a far larger campaign of state-sponsored corporate espionage.
Silicon Valley-based security firm VeriSign iDefense says computers at more than 30 U.S. companies -- including, according to The Washington Post, Microsoft, Yahoo, Dow Chemical and defense giant Northrop Grumman -- were penetrated during the same operation.
Execs at iDefense, which analyzed the spy software sent to one firm, say there's strong evidence of Chinese government involvement in the strike. "The IP addresses used to launch the attacks are known to be associated with previous attacks from groups that are either directly employed agents of the Chinese state or amateur hackers that are proxies for them that have attacked other U.S. companies in the past," Eli Jellenc, head of international cyberintelligence at iDefense, toldcnet.com.
Web criminals cracked their way into the company computers with a scam known as "phishing." It works like this: An e-mail, disguised to look like a message from a friend or co-worker, is sent to an employee at the target firm. The employee unsuspectingly opens it and downloads an attachment, possibly disguised as a photo or pdf file, containing a "sleeper" program. Once installed, the program lets the attacker remotely control the PC, giving him access to e-mails and important documents, and even allowing him to switch on webcams and microphones.
It's not unusual for U.S. companies to be targeted with these sorts of attacks. But security experts say this wave of hacks, which exploited multiple flaws in different software programs, showed a new level of sophistication. "Usually, it's a group using one type of malicious code per target," Jellenc told The Washington Post. "In this case, they're using multiple types against multiple targets -- but all in the same attack campaign. That's a marked leap in coordination."
The attack also revealed the growing threat posed to the U.S. economy by Chinese hackers. Several experts believe the operation's main goal was the theft of intellectual property (IP) -- such as the source code that powers software programs, or blueprints for new technologies. That kind of top-secret information would allow China to speed up its transition from an export-based economy, which simply manufactures goods designed by other nations, to one based around cutting-edge research and development. Indigenous firms could then start to challenge the Western competition.
"If you're having trouble [innovating] or if you want to prime the pump, the best way is to go out and steal cutting-edge IP," James Mulvenon, director of Defense Group Inc.'s Center for Intelligence Research and Analysis, Computer World. "It's a plausible explanation for why they would go after Silicon Valley companies on such a broad scale, because they're really trying to jump-start IT innovation in China."
Google hasn't explicitly blamed the Chinese government for the hack, which saw dozens of gmail accounts used by activists in the U.S., Europe and China "routinely accessed" by "third parties" located in the People's Republic. However, the company announced that it would stop censoring search results on Google.cn. That move was widely seen as designed to embarrass Beijing, which stops its citizens from accessing any site that mentions "Tiananmen Square," "Tibetan independence" and dozens of other phrases.
That action, along with its threat to quit the country, suggests the Internet giant suspects state involvement in the hacking attack. "They wouldn't be taking an action suggesting that they cannot operate in China ... if it was not related to the Chinese government," Leslie Harris, president and CEO of the Center for Democracy and Technology, told Computer World.
The Obama administration has taken a hard line on China's alleged involvement. In a statement Tuesday, Secretary of State Hillary Clinton asked the government to explain itself and said that Google's allegations "raise very serious concerns and questions."
But answers may be hard to come by. At a Thursday press conference, Foreign Ministry spokeswoman Jiang Yu simply noted that hacking was illegal in China. That same day, State Council Minister Wang Chen implied that Beijing wouldn't allow an uncensored Google.cn. "Properly guiding Internet opinion is a major measure for protecting Internet information security," Wang said, according to the BBC.
While Google is not the largest search engine in China -- Baidu.cn has cornered 60% of the search market -- its absence would be sorely felt. The search engine indexes millions of Chinese Web sites and digitally connects the country to the rest of the world. Without Google, China's Internet will essentially exist in a bubble. And for a country determined to become a high-tech player, that's a definite step back.
Chinese Google Hack Part of Broader Effort
Posted by
teja
Thursday, January 14, 2010
Source:
http://www.sphere.com
Labels: Tech News
0 comments:
Post a Comment