Author Topic: Google, Citing Attack, Threatens to Exit China [FIXED :) ]  (Read 47945 times)

0 Members and 1 Guest are viewing this topic.

Hermite15

  • Guest
Google, Citing Attack, Threatens to Exit China [FIXED :) ]
« on: January 13, 2010, 10:38:04 AM »
http://www.nytimes.com/2010/01/14/world/asia/14beijing.html
http://www.bloomberg.com/apps/news?pid=20601087&sid=aTw_G7T4pEtE&pos=9

http://googleblog.blogspot.com/2010/01/new-approach-to-china.html
http://www.uscc.gov/researchpapers/2009/NorthropGrumman_PRC_Cyber_Paper_FINAL_Approved%20Report_16Oct2009.pdf

Quote
A new approach to China
1/12/2010 03:00:00 PM
Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers

Quote
These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

« Last Edit: March 22, 2010, 09:34:56 PM by Logos »

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: Google, Citing Attack, Threatens to Exit China
« Reply #1 on: January 13, 2010, 11:22:27 AM »
I read this here

http://news.bbc.co.uk/2/hi/business/8455712.stm

It is very difficult for companies like Google to work in China becoz of human rights issue.

I think everyone must follow suit

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #2 on: January 13, 2010, 12:03:34 PM »
Unfortunately China has also "Baidu", a local search engine that has already 65% market share in China, and complying with any government censorship requirement...

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #3 on: January 13, 2010, 12:19:08 PM »
interesting, and unfortunately not what we (I) would have expected...
http://www.washingtonpost.com/wp-dyn/content/article/2010/01/13/AR2010011300771.html

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: Google, Citing Attack, Threatens to Exit China
« Reply #4 on: January 13, 2010, 03:36:05 PM »
@ Logos

Baidu's relation with Google goes back many years.

Baidu shares were owned by Google right. I think they offloaded 2.5% of the shares in 2006.

It is a wonder why every tech company is ready to obey the communist government of China.

Human rights must be valued more than millions of dollars

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33669
  • malware fighter
Re: Google, Citing Attack, Threatens to Exit China
« Reply #5 on: January 13, 2010, 04:18:47 PM »
Hi malware fighters,

Google and Adobe came under attack by hackers seeking after source code. They finally admitted this:
http://www.wired.com/threatlevel/2010/01/google-hack-attack
The hackers now use unpatched Adobe holes and prepared PDF-documents, GData already warned PDF is a a priori unsafe extension. Google admitted to the attack as the above poster here, Chris Thomas, cites.
Advisory against the hacks here: http://www.adobe.com/support/security/bulletins/apsb10-02.html
The attacks differed from those in June but the same command and control servers have been used to perform them,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #6 on: January 13, 2010, 04:26:12 PM »
I don't think that's doable, but following this it would be nice to find a way to prevent Baidu from indexing anything out of China   ;D or do that clicking on any EU/US link in a Baidu search bounces back to...Baidu.

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: Google, Citing Attack, Threatens to Exit China
« Reply #7 on: January 13, 2010, 05:03:09 PM »
Hmm....

The Chinese government does a lot of smiling  ;D

They heavy dump their products into countries and protect their companies

No country have the guts to take them to the WTO

Because the Chinese are bankrolling many countries in the UN and have their support as a result.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33669
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: Google, Citing Attack, Threatens to Exit China
« Reply #9 on: January 14, 2010, 09:16:19 AM »
I think we must turn on the SSL in Gmail as our default settings

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #10 on: January 14, 2010, 10:04:10 AM »
I think we must turn on the SSL in Gmail as our default settings
Quote
Google flips default switch for always-on Gmail crypto
http://www.theregister.co.uk/2010/01/13/gmail_default_encryption/
« Last Edit: January 14, 2010, 11:09:12 AM by Logos »

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #11 on: January 14, 2010, 01:31:37 PM »
more here and how hackers operate:
http://online.wsj.com/article/SB10001424052748704281204575002573024282764.html?mod=googlenews_wsj

Quote
Analysts say hackers around the world, especially from China, frequently attack Taiwan companies' computers by installing software through Trojan horses and backdoors. The attacked computers are referred to as "zombie computers" or victims of a "botnet," which let hackers control them remotely. Taiwan's robust Internet network has also made it appealing to international hackers. "Taiwan's internet infrastructure is well established, and computers are highly popular, which means [hackers] can easily find problematic computers to attack," said Steven Tsai, senior engineer of Taiwan's National Center for High Performance Computing

(if you launch the link to this article from Google news, you'll get the entire article without having to be a subscriber)
« Last Edit: January 14, 2010, 01:40:55 PM by Logos »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33669
  • malware fighter
Re: Google, Citing Attack, Threatens to Exit China
« Reply #12 on: January 14, 2010, 08:43:39 PM »
Hi malware fighters,

With the ongoing succesful attacks on Google and Adobe companies may consider blocking all Internet traffic from and to China, this is the vision of security expert Timothy "Thor" Mullen, who wrote an article one and a half years ago on completely blocking certain countries on the Internet. Now China is hot news again, he points to this. "I like to point out tools to you one could get from the site Hammer of God to have some party block all traffic from and to China or whatever country via ISA/TMG." He himself has been blocking China for years and years because the whole of the Chinese network is full of cyber criminals and hackers." (N.B. his vision - not mine).

Mullen writes in his article about various technologies to block countries according to IP- and port numbers. "Geographically blocking traffic might be a good idea I think. It is according to principles like security-in-depth and least-rights." Blocking traffic to and from a country may work, but it is not a panacea for every situation. Some companies cannot have such an official policy, according to Mullen. "And that is fine, but whenever you can, know you can make simple report and policies to jelp secure your infrastructure.
Links:
http://www.hammerofgod.com/home.html
http://www.securityfocus.com/infocus/1900/1
Other Chinese attacks: http://www.msnbc.msn.com/id/34855470/ns/technology_and_science-washington_post/
http://www.reuters.com/article/idUSTRE60D0C120100114
On the other hand one must also think about this background of the momentary conflict, the position of Baidu (77% of the Chinese search market) versus Google.cn:
http://brainstormtech.blogs.fortune.cnn.com/2009/12/28/google-v-baidu-which-company-will-win-china/

polonus
« Last Edit: January 14, 2010, 08:49:15 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #13 on: January 15, 2010, 12:31:37 AM »
OK fine but as mentioned in the article I linked to above, they're using Taiwanese proxies so  ???  ;D

Quote
People familiar with the attacks say the hackers tried to mask their identity by routing their efforts through six Internet addresses located in Taiwan, a common tactic used by Chinese hackers.

Five of the six addresses were owned by Era Digital Media Co., a company that provides television programs and movies through the Internet. Era Digital, which has some 800,000 daily viewers, said it wasn't aware of the attack and declined to comment further. The sixth address is owned by Qi Wei Technology Co., a financial software provider. Qi Wei said it had stopped using the relevant address in June.

Lee Hsiang-chen, director of Taiwan National Police Agency's High-tech Criminal Center, said the two companies were likely victims themselves. "The two companies were probably attacked," he said, adding that Chinese hackers prefer to infiltrate Taiwan Web sites because they use the same language
« Last Edit: January 15, 2010, 12:02:20 PM by Logos »

Hermite15

  • Guest
Re: Google, Citing Attack, Threatens to Exit China
« Reply #14 on: January 15, 2010, 12:19:54 PM »
Quote
Ballmer: Microsoft Will Stay in China
http://www.pcworld.com/businesscenter/article/186964/ballmer_microsoft_will_stay_in_china.html

also, and a French article mentioned Balmer didn't acknowledge that yet, but MS was considering the possible flaw in IE:
Quote
Operation “Aurora” Hit Google, Others...
McAfee Labs has been working around the clock, diving deep into the attack we are now calling Aurora that hit multiple companies and was publicly disclosed by Google on Tuesday.  

We are working with multiple organizations that were impacted by this attack as well as the government and law enforcement. As part of our investigation, we analyzed several pieces of malicious code that we have confirmed were used in attempts to penetrate several of the targeted organizations.

New Internet Explorer Zero Day
In our investigation we discovered that one of the malware samples involved in this broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer. We informed Microsoft about this vulnerability and Microsoft published an advisory and a blog post on the matter on Thursday afternoon.
http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/
http://www.zdnet.fr/actualites/informatique/0,39040745,39712246,00.htm
(there's a CNBC interview embedded in this article from Balmer)

see here:
http://www.cnbc.com/id/15840232?video=1385649601&play=1
« Last Edit: January 15, 2010, 12:33:03 PM by Logos »