
Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.


Google Taking on China is One Giant Taking on Another

At a time when the Australian Defence Force is marking the formal establishment of its Cyber Security Operations Centre, state-level Information Security attacks are all over the news.

Google recently stunned the world when it suddenly published details of an attack against it and some of the GMail accounts that it manages for Chinese human rights supporters, and took the surprise tactic of threatening to pull out of China completely in protest of what was widely seen as state-sponsored attacks against the company. A change in the censorship applied to Google searches within China was just part of the posturing that began immediately and is sure to be a sticking point for the Chinese government representatives when the two sides sit down to negotiate a peaceful way forward.

Competing China-based search engine, Baidu, claimed that the move was financially driven - a claim that looks reasonable on the surface, given that Google has only around a third of the Chinese search market, compared to Baidu's share of over 60%.

Attacks were targeted against Chinese human rights activists and their online mail accounts held with Google, though the attack apparently was not successful at gaining access to the content of emails (subject lines were accessible). Other supporters of Chinese human rights, based outside of China, apparently had their accounts accessed as well, though through vulnerabilities on the users' own systems and not through compromised Google systems.

The attack against Google has been linked to other companies, including networking equipment manufacturer Juniper, and search competitor Yahoo!. Adobe have also reported a major attack against their systems and those of their clients. There have been recent claims that the attack was the result of an insider in Google's own China offices.

From vulnerabilities in Adobe Reader and Acrobat, to vulnerabilities in Internet Explorer, there is a lot of information, claims, counter-claims, rumour and general speculation flying around the Internet about the attacks. Microsoft issued an advisory about the 0-day vulnerability in Internet Explorer that led to the initial attacks, and has since followed it up with more information about the nature of the attacks and vulnerability, including the general availability of exploit code that reliably works against Internet Explorer 6.

It has been speculated that the whole set of attacks could have been funded from a budget of less than $50,000 USD, including the cost of purchasing the vulnerabilities and exploit frameworks on the black market. Blended attacks, combining several threats and approaches, seem to have been what succeeded in the end.

With companies and their networks under almost constant assault, why does the partial breach of two email accounts lead to such a massive incident? Baidu's claims that Google is just being opportunistic with this particular attack do seem to be reasonable, though Google claims otherwise. Watching a company that started out as just another search engine have the clout to take on a major nation-state so openly is simply amazing and the results are going to have widespread effects for government-business relationships not only in China, but also globally. Trade disputes, when large enough, have involved governments arguing it out, but rarely has it been a sole company taking on a government directly.

Lines are being drawn in the sand between companies and governments and all manner of parties. Yahoo and Alibaba can't seem to keep out of the fight, and as each day passes, more parties seem to be drawn into the dispute and to take sides.

The widespread publicity that this set of cases is receiving is eye-opening and it has seen governments start to issue advice against using Internet Explorer.

It doesn't really matter who wins in the end; the dispute has shown that it is possible for a company to become so powerful as a result of the Internet and managing information that it can quite feasibly stand up to a government for something it has taken offence to.

20 January 2010
