Forgot your password?
typodupeerror
Google Technology

Google Attackers Identified as Chinese Government 651

Posted by CmdrTaco
from the well-this-isn't-good dept.
forand writes Researchers, examining the attacks on Google and over 20 other companies in December, have determined 'the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.'"
This discussion has been archived. No new comments can be posted.

Google Attackers Identified as Chinese Government

Comments Filter:
  • by ATestR (1060586) on Thursday January 14, 2010 @01:48PM (#30767208) Homepage

    Coming to a planet near you.

    • No, Seriously... (Score:5, Interesting)

      by RobotRunAmok (595286) on Thursday January 14, 2010 @01:57PM (#30767370)

      If a foreign government had attacked non-digital assets of any US corporation, you would expect some kind of formal reprisal. Maybe not an airdrop of Marines, but certainly something more than Hilary Clinton threatening to write a stern letter.

      What I have not doped out yet to my own satisfaction is whether the tepid response from Washington is the fault of the current administration, confusion regarding the digital nature of the breach and assets, or a little of both.

      • by MakinBacon (1476701) on Thursday January 14, 2010 @02:02PM (#30767496)
        There's nothing tepid about sending in Hillary Clinton. In fact, China would probably prefer if we used the marines.

        http://www.theonion.com/content/video/u_s_condemned_for_pre_emptive_use [theonion.com]

      • by fridaynightsmoke (1589903) on Thursday January 14, 2010 @02:05PM (#30767562) Homepage

        If a foreign government had attacked non-digital assets of any US corporation, you would expect some kind of formal reprisal. Maybe not an airdrop of Marines, but certainly something more than Hilary Clinton threatening to write a stern letter.

        What I have not doped out yet to my own satisfaction is whether the tepid response from Washington is the fault of the current administration, confusion regarding the digital nature of the breach and assets, or a little of both.

        I think it has something to do with Chinese savings now being the foundation of much of the western economy, and the fact that China is a major nuclear power.

        What China realised and the USSR didn't, IMO, is that they could forget the cold war and essentially buy the west with the west's own money.
        /crazy theory

        • Re:No, Seriously... (Score:5, Interesting)

          by Neoprofin (871029) <neoprofin@hotm a i l.com> on Thursday January 14, 2010 @02:22PM (#30767854)
          The problem with this theory of winning the new cold war simply by buying the opponent is that it doesn't, and can't, lead to any kind of victory. By investing in US debt China has bound themselves in an unholy blood pact to the U.S. economy. We on some level need them to continue pouring money into the economy to pay for poorly thought out foreign policy, they on the other hand need us to continue to prosper or all of their investments become worthless. If one side wins both sides win, if one sides loose both sides loose. The Chinese have already shown their realization of this in their effort to keep interest rates low to prevent inflation from devaluing their assets.
          • by ground.zero.612 (1563557) on Thursday January 14, 2010 @02:27PM (#30767970)

            The problem with this theory of winning the new cold war simply by buying the opponent is that it doesn't, and can't, lead to any kind of victory. By investing in US debt China has bound themselves in an unholy blood pact to the U.S. economy. We on some level need them to continue pouring money into the economy to pay for poorly thought out foreign policy, they on the other hand need us to continue to prosper or all of their investments become worthless. If one side wins both sides win, if one sides loose both sides loose. The Chinese have already shown their realization of this in their effort to keep interest rates low to prevent inflation from devaluing their assets.

            Was that a long winded post for "The US is facilitating a Ponzi scheme, with China being the the bottom rung contributors."?

          • Re: (Score:3, Informative)

            by imunfair (877689)

            I'm not sure I agree with several of your premises. They're the popular views, but I'm not sure if they're actually true.

            The first supposition is that China owns a large portion of our debt - this one I can factually dispute based on numbers from: http://en.wikipedia.org/wiki/United_States_public_debt [wikipedia.org]

            Foreign and international own approximately 28% of our debt, and China owns 24% of the international debt. This means China only holds about 7% of our total debt.

            Second, and this is just my own supposition, I

            • Re:No, Seriously... (Score:5, Informative)

              by Rich0 (548339) on Thursday January 14, 2010 @07:59PM (#30773110) Homepage

              Sure in the future they might try to call the debt

              This seems to be a common misunderstanding. Holders of treasury bonds cannot "call the debt."

              When China buys US debt, they buy treasury bonds (or one of the half-dozen other names the same basic instrument sells under). A treasury bond is a promise to pay a stated sum of money on a given date.

              So, today I might buy a $100 treasury bond with a maturity of 2040. In 2040 I can turn in that bond for $100 in US dollars (cash or whatever) from the US government. In 2039 it can't be turned in for a dime. Now, in 2039 you could almost certainly sell it to somebody else for very close to $100. The way China makes money is that the $100 bond might have only cost them $20-30 or whatever to buy today. Bonds may also pay interest as well.

              The only thing China can do is stop buying new bonds and cash in their existing ones as they mature. The US never promised to give them money before the maturity date, so they are under no obligation to do so.

          • Re: (Score:3, Funny)

            by nanoakron (234907)

            What do they loose? The dogs?

            Personally, I'm more worried about one side or the other losing.

      • by shawn(at)fsu (447153) on Thursday January 14, 2010 @02:32PM (#30768082) Homepage

        What did Google and the rest of them expect, they got in to bed with a country that has little to no regard for the privacy of its own citizens, did Google honestly think they would be treated any different? I surely don't feel sorry for them. Google compromised so much in order to "compete in the world economy", and now they are shocked that they got bit?

        The Scorpion and the Turtle.

    • by Em Emalb (452530) <ememalb AT gmail DOT com> on Thursday January 14, 2010 @02:12PM (#30767688) Homepage Journal

      It's time, my friends:

      10 years ago, a crack commando unit was sent to prison by a military court for a crime they didn't commit. These men promptly escaped from a maximum security stockade to the Los Angeles underground. Today, still wanted by the government, they survive as hackers of fortune. If you have a problem with crackers, if no one else can help track them down, and if you can find them, maybe you can hire... The G-Team.

  • But... (Score:4, Insightful)

    by Anonymous Coward on Thursday January 14, 2010 @01:48PM (#30767220)

    It couldn't be them. China would never do anything wrong.

    That... or they'll just blame it on their status as a "developing nation" and that they shouldn't be held to the same standards as everyone else.

    • Re: (Score:3, Funny)

      by Serenissima (1210562)
      But we Chinese have such tiny penis! How could we do such things with such tiny penis? You Americans have such gargantuan penis that you so much better than us!





      (Yes, I do know that when South Park did this joke, they were really Japanese)
    • Re:But... (Score:5, Insightful)

      by a-zarkon! (1030790) on Thursday January 14, 2010 @02:00PM (#30767436)
      I am the last person to defend the Chinese government - but I read the article and it is not too clear on how they determined that the source is actually the Chinese government? Is it all based on the fact that the traffic is coming from certain IP addresses or is there (hopefully) more than just that to support the conclusion. Not advocating anyone trying to hack google, but if they did - pwning some unpatched pirated copy of Windows in China to use as a launching point wouldn't exactly be the worst approach to keep the heat from finding whoever was doing it.
      • Re:But... (Score:5, Funny)

        by Nerdfest (867930) on Thursday January 14, 2010 @02:12PM (#30767686)
        We know because we hacked their servers ... duh.
      • Re:But... (Score:4, Insightful)

        by FlyingBishop (1293238) on Thursday January 14, 2010 @02:13PM (#30767710)

        They traced it to Chinese government IPs. Unless China comes out and says they were hacked, and are working with Google to find the nature of the attack, that's pretty ironclad.

        • Re:But... (Score:5, Insightful)

          by Nerdfest (867930) on Thursday January 14, 2010 @02:15PM (#30767758)
          There's botnets running on government computers in most countries, China is probably not an exception. I'm not saying they didn't do it, just that IPs are not complete proof.
          • Re:But... (Score:5, Insightful)

            by geminidomino (614729) * on Thursday January 14, 2010 @02:48PM (#30768424) Journal

            There's botnets running on government computers in most countries, China is probably not an exception. I'm not saying they didn't do it, just that IPs are not complete proof.

            Nor does it have to be. China's government is screwed either way. If they claim they are not the attackers, but were working from owned machines, then their "perfection" and "infallibility" are gone. Given the inherent insecurity in authoritarian cocknozzles, that will hurt them where they live.

            OTOH, if they don't cop to being hacked themselves, they have no other defense to being the source of the attacks.

            Either way, they've gotten taken down a notch (and I bet you they are PISSED about it), and I'm betting that our own cocknozzles in DC are hoping they opt for the second approach. Nothing heavy will come from it, but we'll get a few more of their chips in the big game.

    • Re:But... (Score:5, Insightful)

      by eldavojohn (898314) * <[moc.liamg] [ta] [nhojovadle]> on Thursday January 14, 2010 @02:01PM (#30767438) Journal

      It couldn't be them. China would never do anything wrong.

      That... or they'll just blame it on their status as a "developing nation" and that they shouldn't be held to the same standards as everyone else.

      The original official notification of this from Google's Chief Legal Officer [blogspot.com] where he mentioned human rights advocates and human rights issues causes this to seem above the average security breach:

      Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.

      I can understand how "We can't enforce copyright on software and music when we're busy lifting hundreds of millions of citizens out of poverty as a developing nation" works but I can't understand how "We need to arrest and persecute human rights activists because we're a developing nation" works.

  • by Tanman (90298) on Thursday January 14, 2010 @01:51PM (#30767260)

    Oh there's a big surprise! That's an incredible - I think I'm going to have a heart attack and die of not surprise!

  • Finally above ground (Score:5, Interesting)

    by mejogid (1575619) on Thursday January 14, 2010 @01:55PM (#30767336)
    It's hardly a secret that governments conduct cyber-espionage - what seems shocking in this instance is that they have been caught and that a major company, a telecoms giant and the US government have all gone on the offensive. This seems like a pretty dramatic shift, and you have to wonder what China's really done to provoke such a reaction after everyone's spent the last decade quietly appeasing them to try and get a foothold in their markets. It sounds like reading the subject lines of a few Chinese activists' emails is only the tip of the ice berg in this case, it'll be interesting to see what else has yet to be revealed.
    • Re: (Score:3, Interesting)

      by Delwin (599872) *
      Copenhagen.
    • Re: (Score:3, Insightful)

      by Slur (61510)

      Seriously, if all the corporations become as scrupulous as Google is suddenly seeming, it might end up giving Fascism a good name.

  • Our response is? (Score:4, Interesting)

    by zero_out (1705074) on Thursday January 14, 2010 @01:56PM (#30767362)
    So what are we going to do about it? By we, I mean we as:

    1. a body of corporations (those 20 or so affected)
    2. a nation
    3. a global community of nations (UN)
    4. a cybercommunity

    What can we do, and what is most likely to happen?
    • by copponex (13876) on Thursday January 14, 2010 @02:26PM (#30767952) Homepage

      1. a body of corporations (those 20 or so affected)

      Nothing of note. If they pull out publicly, they will continue to work with the Chinese through third parties. Shareholders don't give a damn about human rights or free speech. They just want their money.

      2. a nation

      They've already sold us poisoned toys and drywall. They've been using what amounts to slave labor for decades in order to provide cheap products. As long as the aforementioned shareholders are running things, you're not going to hear about the problems, and the American populace is too apathetic to sacrifice any amount of convenience.

      3. a global community of nations (UN)

      They'll pass some resolutions denouncing interference in the sovereign affairs of other countries. They'll slide in some language about Palestine or Iraq, and it will be vetoed by the US and Israel and maybe a pacific atoll that happens to have a bathroom.

      4. a cybercommunity

      Learn Chinese and troll MSN Spaces?

    • Re: (Score:3, Interesting)

      by Remus Shepherd (32833)

      1. Corporations will leave China, and forgo any possible profit there, or they won't. Up to them. Google seems to have made their choice.

      2. The nation has some soul-searching to do. I expect that the US government will do exactly nothing for a long time, while pleading that other crises are taking up all their attention. (Which, actually is a pretty good excuse right now.)

      3. The UN will do nothing. Cyberwarfare is not something the UN is chartered to police, and not something they care about, and ev

  • SHOCKING (Score:5, Interesting)

    by Monkeedude1212 (1560403) on Thursday January 14, 2010 @01:58PM (#30767384) Journal

    Who didn't see that one coming from a mile away? I called it the moment I read that there was a sophisticated attack on Google.

    Whether its all fabricated or not, I like the idea of Google pulling out of China. Google is one of the leading innovators in the western world - and by keeping their services out of China it sends a message to the government: Stop Oppression.

    • Re: (Score:3, Insightful)

      by T Murphy (1054674)
      I don't expect there's much surprise that the Chinese government was behind the attacks, but usually we can't do anything about it because we can't prove they did it. Google is saying they can, which suddenly brings this from muttering about China to companies and governments being forced to confront the issue in fear of explicitly giving in to China's every whim, as opposed to the implicit submission we've seen so far.
      • Re: (Score:3, Insightful)

        by gtall (79522)

        I think your observation is apropos but could be strengthened a bit. Let's take it as writ that China's government is stealing. No doubt they have been stealing from Google as well. So in a world where information and its flow is your breadbasket, stealing information is like poking holes in the pipes leading to Google (1) losing control of information they are monetizing, (2) losing control over their own IP which is all that keeps them a step above their competitors (such as Baidu and a Chinese governmen

  • Write Google (Score:5, Insightful)

    by WiiVault (1039946) on Thursday January 14, 2010 @01:58PM (#30767390)
    and tell them how proud you are that they finally took a stance befitting their "do no evil" stance. Better late than never, and they deserve our support for this courageous action. I for one have changed my mind about them significantly based on this single action alone.
    • Re: (Score:3, Informative)

      by Dutchie (450420)
      Curious what people think about Google's actions. Vote on: Don't be evil [3dn.nl].
  • Consequences? (Score:4, Insightful)

    by psherma1 (1082607) on Thursday January 14, 2010 @02:00PM (#30767418)
    If the EU can fine a US company for what amounted to unfair business practices, what should the US do to China? Debt? What debt?
  • by Anonymous Coward on Thursday January 14, 2010 @02:04PM (#30767538)

    Working for a Defense contractor, one of our systems was compromised. Fortunately, the idiot who gained access screwed up SSH which alerted us to what was going on, and prevented them from erasing their tracks. All SSH connections were from computers in China. They've been doing this for years, and no one has really called them on it until now. It takes Google to make a big enough splash before anyone really pays attention to it.

  • by toejam13 (958243) on Thursday January 14, 2010 @02:08PM (#30767606)
    ...embargo on!
  • Unleash the hounds (Score:5, Interesting)

    by dave562 (969951) on Thursday January 14, 2010 @02:20PM (#30767820) Journal

    The Wall Street Journal had a great article about some of the details behind the scenes of this particular incident, and also another article that did a good job of summarizing what has been discussed here over the last couple of years. The main stream media is openly stating that the People's Liberation Army is actively encouraging "citizen cyber militias" to conduct "cyber attacks" (good Lord how I hate that term) against foreign (read, United States) corporations. Although they haven't gone so far as to state that those militias have active backing of the government, they have said that the government is turning a blind eye to their activities. Furthermore, the WSJ goes on to state that there are United States agencies involved in similar espionage activities.

    Given that background, it seems like hacking Chinese companies should be fair game for up and coming "security researchers" here in the United States. In the 1990s the United States government made it quite clear that they were going to come down hard on people who mess with government and Fortune 500 systems. Given the option between really securing the systems and punishing those who exploit the lack of security, they went with the latter. A lot of people, myself included, decided that once we turned 18 and faced the threat of real Federal prosecution, the wise move was to turn off the war dialers, stop snarfing ESN/MIN pairs out of the air, and stop trying to run exploit code against computers that we don't control.

    We can't hone our craft in the United States anymore. Although there is a whole market for securing IT resources against attack, there isn't a playground to pick up skills in. My suggestion is that China is that playground. My suggestion is that Chinese corporations in the United States are the targets. I mean lets face it, there are hundreds of thousands of compromised computers in the United States. The United States government can't be held accountable for malicious activity directed toward Chinese corporations. It would be unfortunate for those entities to be DDoS'd. It would be unfortunate for their internal workstations to be the target of vulnerability research.

  • by sydneyfong (410107) on Thursday January 14, 2010 @02:21PM (#30767822) Homepage Journal

    I can't find the link to the actual report in TFA.

    I don't doubt that there's a strong suggestion that the Chinese government was somehow involved in the intrusion attempts mentioned by Google, and generally it isn't Google's habit to lie or deceive in these high profile matters.

    But two days after the Google announcement a report comes out saying "yes it's the Chinese government, yes it's them!"? Without obvious links to the actual report?

    I just sense it's just the "security companies" trying to ride the PR bandwagon. I mean, it's just on everybody's mind, and "somebody had to say it out aloud". So you cobble together related bits and pieces and make a grand pronouncement, making everybody happy. But does it prove anything? Not until we find the evidence. Until then it's all just hearsay.

    Besides, would you really base your conclusions on findings from "VeriSign's iDefense security lab"? From the company who tried to f*ck up NXDOMAIN?

    This is not the end of the story. I suspect more juicy bits will come through.

  • by MobyDisk (75490) on Thursday January 14, 2010 @02:22PM (#30767848) Homepage

    The premise is that China hacked Google to access the accounts of these Chinese Human rights activists. Given that Google already complies with Chinese law, why did China not openly contact Google over this?

  • by motherjoe (716821) on Thursday January 14, 2010 @02:34PM (#30768116)

    In the article it says they located the Command and Control box. I did a little investigation of my own and see what they mean. It's oh so obvious this was perpetrated by the Chinese government. Just look at the facts!

    joe@joe-nix:~$ whois PwnedC&CServer.org
    NOTICE: Access to .ORG WHOIS information is provided to assist persons in
    determining the contents of a domain name registration record in the Public Interest Registry
    registry database. The data in this record is provided by Public Interest Registry
    for informational purposes only, and Public Interest Registry does not guarantee its
    accuracy. This service is intended only for query-based access. You agree
    that you will use this data only for lawful purposes and that, under no
    circumstances will you use this data to: (a) allow, enable, or otherwise
    support the transmission by e-mail, telephone, or facsimile of mass
    unsolicited, commercial advertising or solicitations to entities other than
    the data recipient's own existing customers; or (b) enable high volume,
    automated, electronic processes that send queries or data to the systems of
    Registry Operator or any ICANN-Accredited Registrar, except as reasonably
    necessary to register domain names or modify existing registrations. All
    rights reserved. Public Interest Registry reserves the right to modify these terms at any
    time. By submitting this query, you agree to abide by this policy.

    Domain ID:D2289308-LROR
    Domain Name:PwnedC&CServer.org
    Created On:05-Oct-1997 04:00:00 UTC
    Last Updated On:11-Dec-2009 20:14:46 UTC
    Expiration Date:04-Oct-2010 04:00:00 UTC
    Sponsoring Registrar:Tucows Inc. (R11-LROR)
    Status:OK
    Registrant ID:Bob@PRC.gov
    Registrant Name:Host Master
    Registrant Organization:People's Republic of China, duh!
    Registrant Street1:Main Street
    Registrant Street2:HQ for Cyber Warface against Capitalistic West
    Registrant Street3:
    Registrant City:Bejing
    Registrant State/Province:
    Registrant Postal Code:
    Registrant Country:CN
    Registrant Phone:+1-800-Yur-Pwnd
    Registrant Phone Ext.:
    Registrant FAX:
    Registrant FAX Ext.:
    Registrant Email:Bob@PRC.gov

Passwords are implemented as a result of insecurity.

Working...