Google Considers Attacks On Network An Inside Job
Google has been investigating whether employees at its China office had a hand in the attacks that occurred on its network leading to intellectual property theft. The attack on the network also included hacking into Gmail accounts of some people promoting human rights in China.
Suspicions by Google that employees could have had a hand in the attack on the network increased toward the end of last week as a deeper investigation got underway, according to one source. The company's legal council had publicly stated it suspects political motivation.
Employees in Google China were asked to take a leave and were cut off from the network, so the Mountain View, Calif. search engine could run tests. Reuters reported a similar scenario Monday, citing unnamed sources and local media reports.
People may sometimes forget that China remains an authoritarian state, and that the Chinese government relies on the Internet and computer networks for "espionage" and "keeping informed" about the whereabouts of people who promote greater respect for human rights in China.
Charles Burton, professor in the department of political science at Brock University in St Catharines, Ontario, Canada, says that blogs written with a political undertone will disappear from the Web. Internet providers simply remove posts.
Google's YouTube and Blogger are completely blocked in China, according to Burton. "You can read some Google Docs, but you can't add to them," he says. "Google's menu of services is already limited in China, beyond the search engine. There have been some unexplained disruptions to Gmail, too, which is also cause for concern. You get a 'page not found" error."
Burton, who has a home in China near the border of Vietnam, says many Chinese people don't agree with their access being limited by the government for political purposes, so there is a movement among some citizens to change the approach to cyber censorship. But as Google has discovered, changing policy in China isn't easy.
Now, The New York Times reports that at least two foreign journalists living in Beijing have had their Google email accounts hacked. The hackers changed settings to forward all Gmail messages to another address.
The attacks that infiltrated Google's network also targeted about 30 other companies, from Jupiter Network to Yahoo. Attackers relied on a Trojan-modified version of Hydraq. Security analysts say the sophistication of the attacks didn't focus on the method, but rather the people. Attackers knew the exact targets within Google.
Getting access to computers on Google's network meant exploiting a hole in Internet Explorer. The code for the hole in IE linked to the attacks on Google and others was released late last week, warned both Microsoft and McAfee late on Friday.
"The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability," George Kurtz, McAfee chief technology officer, wrote in a blog post. "The now-public computer code may help cybercriminals craft attacks that use the vulnerability to compromise Windows systems."