China Hacks Google, Etc.

Home / Blogs

China Hacks Google, Etc.

	By Gadi Evron Security Strategist
	January 15, 2010 Views: 16,403 Comments: 3

Many news sources are reporting on how Google and other corporations were hacked by China.

The reports, depending on vendor, blame either PDF files via email as the original perpetrator, or lay most of the blame on an Internet Explorer 0day.

Unlike my colleagues (save for the ones reporting), I rather not discuss this too much before more data is available.

Regardless of what really happened, which I hope we will know more on later, these things are clear:

1. Unlike GhostNet, which showed an interesting attack, but unfortunately many of us jumped to conclusions without evidence that it was China behind them—based on Ethos alone I’d like to think that when Google says China did it, they know. Although being a commercial company with their own agenda, I am saving final judgment.

2. The 0day disclosed here shows a higher level of sophistication, as well as m.o. which has been shown to be used by China in the past.

3. If this was China, which some recent talk seems to make ambiguous, but still likely; they would have more than just one weapon in their arsenal.

4. This incident has brought cyber security once again to the awareness of the public, in a way no other incident since Georgia has succeeded, and to political awareness in a way no incident since Estonia has done.

Update: Text corrected as per comment below.

By Gadi Evron, Security Strategist

Filed Under

Comments

Ghostnet Report Ron Deibert – Jan 15, 2010 6:05 PM

Mr. Evron apparently has never read the Ghostnet report, or is misinformed. Either way, what he says above about us drawing the conclusion that “China was to blame” is factually incorrect.

On the contrary, we go to great lengths in our report to draw out alternative explanations, which can be found beginning on page 46:

here

I suggest you read the report, Mr. Evron, before you make such a misinformed statement.

Ron Deibert, Director, the Citizen Lab, Principal Investigator, Information Warfare Monitor.

# 1 Reply | Link | Report Problems

Ron,You are absolutely right, I am wrong.In Gadi Evron – Jan 15, 2010 6:17 PM

Ron,

You are absolutely right, I am wrong.
In fact, my respect for your work is exactly why you are mentioned as item #1, before the current incident.

What I wrote:
“1. Unlike GhostNet, which showed an interesting attack but jumped to conclusions without evidence that it was China behind them”

What was supposed to be written:
“.. an interesting attack, but unfortunately many of us jumped to conclusions without evidence that it was China behind them”, which is what I said at the time, and which also highlights the same thing happening now as I discuss in item #3.

I apologize for this error, and it will be corrected shortly. If such an unfortunate error occurs again, please drop me a line.

# 2 Reply | Link | Report Problems

thanks Ron Deibert – Jan 16, 2010 2:12 AM

Mr Evron

Thanks for the explanation—I understand how this could happen and I appreciate the clarification.

Best wishes
Ron

# 3 Reply | Link | Report Problems

The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet