"All the world's a stage we pass through." - R. Ayana

Wednesday, January 20, 2010

China Hacks Google

Don’t Use Explorer!

 

 

 Google Blog says, in its entirety:
Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.

We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve's blog and this presentation on the GhostNet spying incident.

We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.

We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China."

These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.
+++++++++++++++++

Doesn't it look like they know that the Chinese government is behind all this? And that the decision to operate Google.cn openly is a response to that? Good work, Google. Now that you've talked the talk, walk the walk.

UPDATE: The New York Times has more:

Google did not publicly link the Chinese government to the cyber attack, but people with knowledge of Google’s investigation said they had enough evidence to justify its actions. 

A United States expert on cyber warfare said that 34 companies were targeted, most of them high-technology companies in Silicon Valley. The attacks came from Taiwanese Internet addresses, according to James Mulvenon, an expert on Chinese cyberwarfare capabilities.

Mr. Mulvenon said that the stolen documents were sent electronically to a server controlled by Rackspace, based in San Antonio. 

“For Google to pull up stakes and basically pull out China, the attack must have been large in scope and very penetrating,” Mr. Mulvenon said. “This attack highlights the fact that cyberwarfare has basically gone to the next level.”

Note again the abuse of Taiwan -- the attacks originated from here, just as China used Taiwan firms to send nuke tech to Iran. It's obvious that at least one payoff China is hoping for is western ire at Taiwan.

Hope the local papers give this wide publicity.

UPDATE II: "call me cynical, but would google be this principled if their China business were #1 and doing well?"(post to niubi)

There are a lot of comments from "knowing" expats that Google is just doing this because it is losing market share to Baidu. While true, it still commands a ~20% share and losses among users who actually spend money appear to be smaller (20% of China's educated internet users is bigger than many countries where Google dominates). But both that article and Google's 2006 blogpost say that they are in China for the long haul. Moreover, the post shows that Google has always been cognizant of the human values involved in investing in China.

The cynicism of "it's all about market share", and all such uses of cynicism as an analytical stance rather than as an emotional response, is really just a mask for an ideology of power that shills for China (and all forms of authoritarian power). By treating Google as the active agent, and China as the passive recipient of Google's action, it takes China's theft and spying activities, its authoritarian regime, its murderous, thuggish ways, as constants, like gravity, something part of the environment, but something which need not explain itself nor account for its actions. In the cynical formulation, "power" just is and has no moral agency of its own. Hence the spotlight is always focused on those who take action, "exposing" their hypocrisy. By putting the spotlight on Google, the cynics remove it from China -- but it is China that has acted evilly here, not Google.

So call me cynical, but would all those China expats be so quick to leap on Google if they lived outside China?

UPDATE III: Imagethief says Google detonates the China corporate communications script with many good links.

Google Hack Leaked to Internet;

Security Experts Urge Vigilance

Microsoft Screws Up Again!
 
The code that was used to hack Gmail accounts in China is now publicly available on the Internet, and security experts are urging computer users throughout the world to be highly vigilant until a patch can be developed.

The hack involves Internet Explorer 6, the browser that came with the Windows XP operating system that, while outdated, still powers millions of businesses and home computers and is now dangerously compromised. 

On Thursday, the code that was used to hack Gmail accounts in China and led Google to threaten to close shop there was posted to malware-analysis Web site Wepawet. By Friday, security site Metasploit had posted a demonstration of just how easily the exploit can be used to gain complete control over a computer.
Metasploit is intended to let security professionals test out security threats. 

"Normally these frameworks are designed for the good guys for our assessment. The problem is, it's open source and available to anyone," said Michael Gregg, head of Superior Solutions Inc., a Houston-based cybersecurity consultancy.

"And the scary thing about Metasploit is, anybody can pull this stuff down and anybody can launch it. It's not the skilled hacker working for the government, it's the kid next door." 

George Kurtz, CTO of the security firm McAfee, agrees. "The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability," he wrote late week. "This attack is especially deadly on older systems that are running XP and Internet Explorer 6." 

Hacks based on this security flaw led Google to threaten to drop its www.google.cn Web site and leave China last week. The Internet behemoth believes these security intrusions are a quest not just for political knowledge but also for intellectual property. Experts warn that as many as 30 other companies have been hacked, ranging from software firms like Adobe and Juniper Networks to Northrop Grumman -- a major U.S. defense contractor and manufacturer of nuclear-powered aircraft carriers and the Global Hawk unmanned drone.

Microsoft has yet to patch the hole in IE 6, a flaw so serious it's prompted the German government to suggest citizens avoid IE. Microsoft has posted a security advisory detailing the problem, and urging users to upgrade to newer browsers. 

Microsoft's next scheduled security update is Feb. 9 -- so unless the company expedites an "out of cycle" security patch, more than three weeks will elapse before this vulnerability is fixed. Without a patch in sight, security experts urge vigilance, and not just for government agencies and huge businesses like Google.

"This is something that affects businesses in the U.S. as well as individuals. The Internet knows no borders,"  Gregg warned.

Gregg said that years ago, software companies had months to solve a security flaw after it was uncovered. Today, it's hours. Protecting yourself and your business is substantially harder today than it was in years past, too, due both to the accelerated pace of these exploits and also to hackers' reliance on social engineering, where an individual is tricked into providing confidential information. 

Gregg calls it spearphishing: "They target the user with an e-mail  that would appeal to them, one that leads to a site that launches malicious code onto your system." And the IE 6 exploit makes it particularly easy to slip that code on your computer.

Staying on top of current security patches, using firewalls, updating Web browsers and running intrusion detection software is the first part of staying safe. But since most attacks rely upon spearphishing or some similar end-user exploit, Gregg suggests a training program that would warn users that if an e-mail link looks too good to be true, it probably is -- don't click on it.


Images - http://www.foxnews.com/scitech/2010/01/18/google-exploit-leaked-internet-security-experts-urge-vigilance/
http://www.washingtonpost.com/wp-dyn/content/article/2010/01/16/AR2010011600871.html

For further enlightenment enter a word or phrase into the search box @  New Illuminati:

or http://newilluminati.blog-city.com  (this one only works with Firefox)

And see

The Her(m)etic Hermit - http://hermetic.blog.com
 http://newilluminati.blog-city.com (this one only works with Firefox)


This material is published under Creative Commons Copyright (unless an individual item is declared otherwise by copyright holder) – reproduction for non-profit use is permitted & encouraged, if you give attribution to the work & author - and please include a (preferably active) link to the original along with this notice. Feel free to make non-commercial hard (printed) or software copies or mirror sites - you never know how long something will stay glued to the web – but remember attribution! If you like what you see, please send a tiny donation or leave a comment – and thanks for reading this far…

From the New Illuminati – http://nexusilluminati.blogspot.com

No comments:

Post a Comment

Add your perspective to the conscious collective