D
Da Qiao
Guest
Google Gmail cyber attack: 'Chinese spies had months of access'
Chinese spies enjoyed months of access to the personal Google emails of senior US officials and human rights activists, according to the US researcher responsible for accusations rejected by Beijing.
By Christopher Williams, Peter Foster in Beijing
5:59PM BST 02 Jun 2011
The web giant sparked a renewed cyberspace espionage row after it published details of the attack and said it had traced the source to Jinan, in Shandong Province.
It did not directly accuse the Chinese government but appeared to hint strongly at its involvement, prompting angry denials from Beijing.
"Blaming these misdeeds on China is unacceptable," a foreign ministry spokesman said.
"Hacking is an international problem and China is also a victim. The claims of so-called support for hacking are completely unfounded and have ulterior motives."
The first details of the attack emerged in February on the blog of Mila Parkour, a pseudonymous computer security expert who found a "spear phishing" email on the systems of one of her clients.
She alerted Google, which said late on Wednesday that hundreds of "senior US government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists" were targeted.
The emails were tailored to increase their chances of duping targets. An example described by Ms Parkour appeared to originate from the State Department and contained link to a document named "Draft US-China Joint Statement".
In fact, when clicked, the link summoned a facsimile of the Gmail login page. The bogus page asked targets to enter their password, granting the attackers full access to their email account. Google said the attackers then changed settings so that all incoming messages would be forwarded to them.
Google "detected and has disrupted this campaign to take users' passwords and monitor their emails", it said. "We have notified victims and secured their accounts". The White House and the FBI said an investigation was ongoing but added that it didn't believe that any government networks had been breached.
Security experts noted that Jinan is a regional command centre for China's People's Liberation Army and the alleged source of a more serious and sophisticated breach of Google's security in late 2009. The firm pulled out of China after hackers broke through its security systems to spy on human rights activists.
In that case, the attack was traced to an internet address at the Lanxiang Senior Technical School in Jinan, a vocational training college with reported military links. It denied any involvement in cyber attacks and reaffirmed its stance yesterday.
But Google's motives for going public about the hack attacks would inevitably attract cynicism in China, according to Michael Anti, a leading internet commentator in China.
"This is a very unsophisticated attack, every gang in Nigeria does this kind of thing, so why does Google announce this attack and not all the others? They could make an announcement like this every single day.
"Of course people in China will wonder if this is politically motivated, and ask whether Google is connected to the US government, but I guess without a mole in Google headquarters we'll never know." Whatever the source, experts expert cyber attacks to increase.
"We'll certainly see more of this in the future, as Chinese hackers - independent and otherwise - target Google because of its global popularity and its decision to defy the Chinese government on censorship, which some hackers will misconstrue as being anti-Chinese," said Michael Clendenin, managing director of RedTech Advisors, a technology consulting firm.
