San Francisco: Even before Google threatened to pull out of China in response to an attack on its computer systems, the company was notifying activists whose e-mail accounts might have been compromised by hackers.
In a world where vast amounts of personal information stored online can quickly reveal a network of friends and associates, Google's urge to protect individuals from government surveillance required quick action. In early January, Tenzin Seldon, a 20-year-old Stanford student and Tibetan activist, was told by university officials to contact Google because her Gmail account had been hacked.
Seldon, the Indian-born daughter of Tibetan refugees, said she immediately contacted David Drummond, Google's chief legal officer.
Seldon immediately changed her password and became more careful of what she wrote. She also allowed Google to examine her personal computer at the company's request. Google returned it earlier this week saying that while no viruses or malware had been detected, her account had indeed been entered surreptitiously.
Drummond said that an attack originating in China was aimed at its corporate infrastructure. While the full scope of the attacks on Google and several dozen other companies remain unclear, they are of concern to the Obama administration, the FBI and national security officials.
Google said on Tuesday that that in its investigation of the attacks on corporations, it found that the Gmail accounts of Chinese and Tibetan activists, like Seldon, had been compromised in separate incidents involving phishing and spyware.
Adobe, a software maker, said it had been the victim of an attack but said that it did not know if it was linked to the hacking of Google. Some reports suggested that Yahoo had been a victim, but a person with knowledge said that Yahoo did not think that it been subject to the same attack as Google.
Google's description of the attacks closely matches a vast surveillance system called Ghostnet that was reported in March by a group of Canadian researchers based at the Munk Center for International Studies at the University of Toronto. They found that a highly automated espionage system based in China was using targeted e-mail messages to compromise thousands of computers located in hundreds of governmental organizations. In each case, after the computers were controlled by the attackers, they were able to scan for documents that were then stolen and transferred to a digital storage facility in China.
For years there have been reports of attacks planned by so-called patriotic hackers in China, and many American security specialists argue that these are simply irregular elements of the People's Liberation Army. At the same time, hackers frequently use so-called false flag espionage or denial of service attacks to route their activities through the computers of a third country and hide their identities.
One of the Canadian researchers said that fellow computer security researchers suspected that the attack on Google and other recent intrusions relied on hackers sending booby-trapped electronic documents that were stored in Adobe's Acrobat Reader format, which then infect victims' computers. This method was seen in a recent wave of attacks on the Dali Lama's computers that they suspect was mounted by the Chinese government.
"We've seen a huge upsurge in attacks using Adobe Acrobat," said Greg Walton, an editor at Information Warfare Monitor, a publication of the Canadian research group.
A spokeswoman for Adobe said the company was investigating the reports, but could not yet confirm that the Adobe software was linked to the most recent incidents.
For Google, the attacks appeared to have been the final straw in a frustrating series of confrontations with Chinese authorities.
Top Google executives, including the chief executive, Eric Schmidt, and the co-founders, Larry Page and Sergey Brin, were ambivalent about the decision to go into China in 2006, which involved agreeing to censor some search results on the company's local search engine, according to a former executive with knowledge of the discussions. The resistance was particularly strong from Brin, who had grown up in the Soviet Union.
But after lengthy discussions, and internal lobbying from Chinese and Chinese-American employees inside Google, as well as some of the company's sales executives, Google's top executives agreed. They were particularly swayed by the argument that even a censored version of Google's search engine would provide Chinese people more access to information and help promote free expression in that country.
Once the decision was made, however, Google began expanding its operation in China, which it expected would grow to be one of the largest Internet markets. During Schmidt's 2006 visit to China, shortly after Google introduced the company's China-based search engine, Google.cn, he told reporters that it would be "arrogant" to try to change China's censorship laws.
But repeated clashes with Chinese authorities caused Google's officials to reconsider its decision on multiple occasions, the former executives said. Things almost collapsed in 2008, when Chinese government officials asked Google to censor results not only on Google.cn but also on Google.com. the company's English-language search engine. Google refused, and sometime after the 2008 Olympics, Chinese officials dropped the issue.
Google now says it thinks that its attempt to help bring openness to China has failed.
"We were looking at an environment that is more difficult than it was when we started," Drummond said in an interview on Tuesday. "Far from our presence helping to open things up, it seems that things are getting tighter for open expression and freedom."
Robert Gibbs, the White House press secretary, said Wednesday that the White House had been briefed by Google on the company's decision. However, he declined to describe what actions the government might take in response to the claims of Chinese-directed Internet attacks.
"The recent cyber-intrusion that Google attributes to China is troubling and the federal government is looking into it," said a White House spokesman, Nicholas Shapiro. He said that the president had stated that Internet freedom was a central human-rights issue on a recent China trip. He also said that the president had made Internet security a national priority.
Gabriel Stricker, a Google spokesman, said Google's decision to publicize the attacks was motivated in part by its desire to alert activists that their accounts could have been compromised.
The attacks present a challenge for the Obama administration which last year debated the role of a federal Internet security adviser. The administration is grappling on how to balance stricter security controls and the freedom of technology companies to innovate.
Several Internet security specialists were quick to point out that a group within the White House led by Lawrence H. Summers, the national economic adviser, had pointed to Google in debates on the appointment as an example of an innovative Silicon Valley company that might be hamstrung by draconian new Internet security restrictions.
"It's ironic that the new economy folks at the White House were pushing back against faster movement on cybersecurity to protect companies like Google from stricter regulations," said James Lewis, an Internet security specialist at the Center for Strategic and International Studies in Washington. Last year Lewis led a bipartisan study calling for the creation of a strong Internet czar reporting directly to the president to combat a rash of new security threats.
The White House said Tuesday that Robert A. Schmidt, a compromise candidate who was chosen last month to be the Internet security adviser, would not formally start in the position until later in the month.
In a world where vast amounts of personal information stored online can quickly reveal a network of friends and associates, Google's urge to protect individuals from government surveillance required quick action. In early January, Tenzin Seldon, a 20-year-old Stanford student and Tibetan activist, was told by university officials to contact Google because her Gmail account had been hacked.
Seldon, the Indian-born daughter of Tibetan refugees, said she immediately contacted David Drummond, Google's chief legal officer.
Seldon immediately changed her password and became more careful of what she wrote. She also allowed Google to examine her personal computer at the company's request. Google returned it earlier this week saying that while no viruses or malware had been detected, her account had indeed been entered surreptitiously.
Advertisement
Drummond said that an attack originating in China was aimed at its corporate infrastructure. While the full scope of the attacks on Google and several dozen other companies remain unclear, they are of concern to the Obama administration, the FBI and national security officials.
Advertisement
Google said on Tuesday that that in its investigation of the attacks on corporations, it found that the Gmail accounts of Chinese and Tibetan activists, like Seldon, had been compromised in separate incidents involving phishing and spyware.
Advertisement
Adobe, a software maker, said it had been the victim of an attack but said that it did not know if it was linked to the hacking of Google. Some reports suggested that Yahoo had been a victim, but a person with knowledge said that Yahoo did not think that it been subject to the same attack as Google.
Advertisement
Google's description of the attacks closely matches a vast surveillance system called Ghostnet that was reported in March by a group of Canadian researchers based at the Munk Center for International Studies at the University of Toronto. They found that a highly automated espionage system based in China was using targeted e-mail messages to compromise thousands of computers located in hundreds of governmental organizations. In each case, after the computers were controlled by the attackers, they were able to scan for documents that were then stolen and transferred to a digital storage facility in China.
Advertisement
For years there have been reports of attacks planned by so-called patriotic hackers in China, and many American security specialists argue that these are simply irregular elements of the People's Liberation Army. At the same time, hackers frequently use so-called false flag espionage or denial of service attacks to route their activities through the computers of a third country and hide their identities.
One of the Canadian researchers said that fellow computer security researchers suspected that the attack on Google and other recent intrusions relied on hackers sending booby-trapped electronic documents that were stored in Adobe's Acrobat Reader format, which then infect victims' computers. This method was seen in a recent wave of attacks on the Dali Lama's computers that they suspect was mounted by the Chinese government.
"We've seen a huge upsurge in attacks using Adobe Acrobat," said Greg Walton, an editor at Information Warfare Monitor, a publication of the Canadian research group.
A spokeswoman for Adobe said the company was investigating the reports, but could not yet confirm that the Adobe software was linked to the most recent incidents.
For Google, the attacks appeared to have been the final straw in a frustrating series of confrontations with Chinese authorities.
Top Google executives, including the chief executive, Eric Schmidt, and the co-founders, Larry Page and Sergey Brin, were ambivalent about the decision to go into China in 2006, which involved agreeing to censor some search results on the company's local search engine, according to a former executive with knowledge of the discussions. The resistance was particularly strong from Brin, who had grown up in the Soviet Union.
But after lengthy discussions, and internal lobbying from Chinese and Chinese-American employees inside Google, as well as some of the company's sales executives, Google's top executives agreed. They were particularly swayed by the argument that even a censored version of Google's search engine would provide Chinese people more access to information and help promote free expression in that country.
Once the decision was made, however, Google began expanding its operation in China, which it expected would grow to be one of the largest Internet markets. During Schmidt's 2006 visit to China, shortly after Google introduced the company's China-based search engine, Google.cn, he told reporters that it would be "arrogant" to try to change China's censorship laws.
But repeated clashes with Chinese authorities caused Google's officials to reconsider its decision on multiple occasions, the former executives said. Things almost collapsed in 2008, when Chinese government officials asked Google to censor results not only on Google.cn but also on Google.com. the company's English-language search engine. Google refused, and sometime after the 2008 Olympics, Chinese officials dropped the issue.
Google now says it thinks that its attempt to help bring openness to China has failed.
"We were looking at an environment that is more difficult than it was when we started," Drummond said in an interview on Tuesday. "Far from our presence helping to open things up, it seems that things are getting tighter for open expression and freedom."
Robert Gibbs, the White House press secretary, said Wednesday that the White House had been briefed by Google on the company's decision. However, he declined to describe what actions the government might take in response to the claims of Chinese-directed Internet attacks.
"The recent cyber-intrusion that Google attributes to China is troubling and the federal government is looking into it," said a White House spokesman, Nicholas Shapiro. He said that the president had stated that Internet freedom was a central human-rights issue on a recent China trip. He also said that the president had made Internet security a national priority.
Gabriel Stricker, a Google spokesman, said Google's decision to publicize the attacks was motivated in part by its desire to alert activists that their accounts could have been compromised.
The attacks present a challenge for the Obama administration which last year debated the role of a federal Internet security adviser. The administration is grappling on how to balance stricter security controls and the freedom of technology companies to innovate.
Several Internet security specialists were quick to point out that a group within the White House led by Lawrence H. Summers, the national economic adviser, had pointed to Google in debates on the appointment as an example of an innovative Silicon Valley company that might be hamstrung by draconian new Internet security restrictions.
"It's ironic that the new economy folks at the White House were pushing back against faster movement on cybersecurity to protect companies like Google from stricter regulations," said James Lewis, an Internet security specialist at the Center for Strategic and International Studies in Washington. Last year Lewis led a bipartisan study calling for the creation of a strong Internet czar reporting directly to the president to combat a rash of new security threats.
The White House said Tuesday that Robert A. Schmidt, a compromise candidate who was chosen last month to be the Internet security adviser, would not formally start in the position until later in the month.
COMMENTS
Advertisement
3 Students Dead After Flooding In Delhi Coaching Centre Basement At Olympics Opening Ceremony, Drag Parody Of 'The Last Supper' Draws Flak Kamala Harris Cuts Down Donald Trump's Lead Sharply, Show Latest Polls "Will Pay Heavy Price": Netanyahu Warns Hezbollah After Air Strike Kills 11 "Will Pay Heavy Price": Netanyahu Warns Hezbollah After Strike Kills 10 "It's British. We're Used To Rain": UK PM Shrugs Off Paris Olympics Photo Track Latest News Live on NDTV.com and get news updates from India and around the world.