Monday, January 18, 2010

Google Gmail Accounts Vulnerable, China Hack Went Public

Followup (January 19, 2010)
If you've got a Gmail account, you should be interested in this.

Looks like the hack that China has used to get into Gmail accounts in its workers' paradise has gone public.

(The format of this Apathetic Lemming of the North post is a little different than the usual: excerpts from a few news articles and a post in another blog, then a fairly short comment.)

"Chinese Attack On Google Seen As Cybertheft"
National Public Radio (January 18, 2010)

"Google's carefully worded announcement last week that it had experienced 'a highly sophisticated and targeted' cyber attack in China caught the attention of both human rights advocates and industrial espionage experts, though for quite different reasons.

"Activists focused on a Google statement that a 'primary goal' of the attack had been to access the Gmail accounts of Chinese dissidents. Espionage experts, however, were drawn to Google's acknowledgement that the cyber attack 'resulted in the theft of intellectual property.'

"Those words say a lot. 'Intellectual property' means knowledge and ideas. It's what makes innovation possible, and it can include everything from secret formulas to computer source code. Google is among the most innovative companies on the planet, and someone in China has been stealing its secrets. Some China experts see this as the real story behind Google's threat to pull out of China.

" 'For Google to have made such a profound decision, to turn its back on the fastest growing economy in the world, it had to have been more than a bunch of dissident e-mail accounts,' says James Mulvenon of the Defense Group consultancy..."

"Google Hack Leaked to Internet; Security Experts Urge Vigilance"
FOXNews (January 18, 2010)

"The code that was used to hack Gmail accounts in China is now publicly available on the Internet, and security experts are urging computer users throughout the world to be highly vigilant until a patch can be developed.

"The hack involves Internet Explorer 6, the browser that came with the Windows XP operating system that, while outdated, still powers millions of businesses and home computers and is now dangerously compromised.

"On Thursday, the code that was used to hack Gmail accounts in China and led Google to threaten to close shop there was posted to malware-analysis Web site Wepawet. By Friday, security site Metasploit had posted a demonstration of just how easily the exploit can be used to gain complete control over a computer.

"Metasploit is intended to let security professionals test out security threats...."

"Google Investigating If China Staff Involved in Cyber Attack"
The Wall Street Journal (January 18, 2010)

"Google Inc. is investigating whether any of its employees in China played a role in facilitating a major cyber attack that prompted a decision to stop censoring its search results in the country, according to people familiar with the matter.

"One of these people said consideration of employee involvement was part of the normal course of investigating the attack, which Google has traced to China and which resulted in some loss of the company's software code.

"While the company is still investigating, another person familiar with the matter said Google believes the attacks would have been successful whether or not the company had a presence in China.

"Whether the company has found any evidence to implicate employees remains unclear. It is also unclear whether the Google investigation is focusing on the possibility of employee involvement in the main attack against its systems or separate attempts to breach the Gmail accounts of Chinese human rights activists, or both...."

"Google China insiders may have helped with attack"
CNET (January 18, 2010)

"Google is looking into whether employees in its China office were involved in the attacks on its network that led to theft of intellectual property, according to CNET sources.

"Sources familiar with the investigation told CNET last week that Google was looking into whether insiders at the company were involved in the attacks, but additional details were not known at the time.

"Insiders could have played a part in what is believed to have been a multi-prong attack on the company, according to the sources.

"Employees in the Google China office were put on leave and others were transferred, Reuters reported on Monday, citing local media reports and unnamed sources. Employees in the office were temporarily cut off from the network so Google could run tests and scans to ensure that the network was secure, sources familiar with the investigation told CNET...."

"Google probing possible inside help on attack"
Reuters (January 18, 2010)

"Google is investigating whether one or more employees may have helped facilitate a cyber-attack that the U.S. search giant said it was a victim of in mid-December, two sources told Reuters on Monday.

"Google, the world's most popular search engine, said last week it may pull out of the world's biggest Internet market by users after reporting it had been hit by a 'sophisticated' cyber-attack on its network that resulted in theft of its intellectual property.

"The sources, who are familiar with the situation, told Reuters that the attack, which targeted people who have access to specific parts of Google networks, may have been facilitated by people working in Google China's office.

" 'We're not commenting on rumor and speculation. This is an ongoing investigation, and we simply cannot comment on the details,' a Google spokeswoman said.

"Security analysts told Reuters the malicious software (malware) used in the Google attack was a modification of a Trojan called Hydraq. A Trojan is malware that, once inside a computer, allows someone unauthorized access. The sophistication in the attack was in knowing whom to attack, not the malware itself, the analysts said...."

China hosted the Olympics in 2008, which may explain why innovatively suicidal stunts by Chinese companies and occasionally goofy behavior by the Chinese government were in the news so much, here in America.

Poison toothpaste and factory-loaded malware in consumer electronics didn't help, of course.

"...I still think it's likely that China's new export industry is infested with criminally incompetent nitwits, who have no clue about why you make sure that
  • "Consumer electronics don't have factory-loaded malware
  • "Cough syrup doesn't kill the customer, as well as the cough
  • "Children's toys aren't coated with lead
  • "Baby food isn't poisonous
"On the other hand, as these over-the-top examples of not-as-advertised products pile up - along with dead bodies - it isn't all that crazy to wonder if the Chinese government is trying to sabotage other countries.

"And doing a bad job of it...."
("Thai Police, Punctured Protesters, and Exploding Tear Gas from China," Another War-on-Terror Blog (October 13, 2008))

As I said, 2008 wasn't a good year for China, in terms of good public relations.

The Gmail hack that the Chinese government was using to monitor enemies of the state - real or imagined - just happening to go public could be really, really bad luck for China.

Or maybe Google has very good reason for backing out of "the fastest growing economy in the world". (NPR)
