VeriSign Confirms Chinese Government Behind Google Attack

Ars Technica is reporting that VeriSign’s iDefense lab has traced the attack on Google and over 30 other companies to the Chinese government. The cyber attack occurred in late December and targeted Google and other companies in an attempt to extract information about political dissidents.

The iDefense report points to malicious code that was deployed in PDF files that were crafted to exploit a vulnerability in Adobe’s software. According to the report: “the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.”

VeriSign’s iDefense Lab believes that this attack originates from the same source as another recent attack which happened back in July, suggesting the Chinese government is mounting an all-out war on US companies and their intellectual property.

“The servers used in both attacks employ the HomeLinux DynamicDNS provider, and both are currently pointing to IP addresses owned by Linode, a US-based company that offers Virtual Private Server hosting. The IP addresses in question are within the same subnet, and they are six IP addresses apart from each other,” the report says. “Considering this proximity, it is possible that the two attacks are one and the same, and that the organizations targeted in the Silicon Valley attacks have been compromised since July.”

While trade sanctions may be too harsh, the Chinese government needs to be sent a message that this sort of behavior is totally unacceptable and won’t be tolerated. Google have stated that in light of the attacks, they may be fully closing operations in China and shutting down Google.cn. This is tragic for the Chinese, as access to information should be free for everyone, regardless of their political views.

Will this have any impact on RIM increasing its presence in China? Not likely. But you have to consider what the Chinese government will demand of RIM, once “dissidents” are found sending emails from their BlackBerry and organizing themselves through BlackBerry Messenger. I hope RIM sends a strong message to the Chinese government that they won’t be giving out PINs and email access of BlackBerry users in China.

  • Ridiculous

    The article linked only concluded that the same command servers were used in another attack earlier this year.

    Nowhere did it make any links to China. Yet it concluded at the end that it was the Chinese government.

    To compound that disinformation this article has chosen to cite that article as “proof”.

    It’s this kind of blatantly dishonest reporting that makes me lose faith in our media.

  • Pat

    Ohhh did not see that one coming..

  • http://www.blackberrycool.com/ Kyle McInnes

    @Ridiculous – It definitely made links to China. From the report: “The source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.” I’ll concede that the “proof” isn’t as concrete as we would like and the report could ultimately be wrong. Getting concrete proof is pretty difficult in these matters. I’ll update and use a term that carries a little less weight.

  • Wondering

    @Kyle McInnes May I say “a single foreign entity consisting either of agents of the United state or proxies thereof.”? Show me the details, or it is bullshit.

  • Liu Lun

    Google wants to do illegal things in China, so they have to go out… This has nothing to do with the “hacking” attempts. This is just a cover.

  • Alfred

    First, the article that was linked to really only cites the conclusions of a report that is apparently not available in its entirety yet, so the evidence that led them to that conclusion is still forthcoming.

    Right now agreeing with the conclusion means trusting VeriSign.

    @Liu Lun -
    Yes, Google has said they want to uncensor their search engine in China, which is illegal. But to discount entirely the possibility of illegal actions taken by the Chinese government itself against Google is dishonest. Why is it just a cover? What reason do you have to believe this? Why would Google put itself on a course to be kicked out of China unless they had a good reason?

    Though this story is still developing, I think three reasons are likely:

    1. Doing business in China forces Google to compromise its core values (Don’t be evil.)
    2. If this hacking attempt is all it appears to be, and if, as reported in the New York Times, one target was source code, then Google’s core business is also compromised further by doing business in China.
    3. The playing field in China has always been slanted against Google, with the government overtly favoring the home-grown and obedient Baidu. (Quite understandable for the government to do this.)

    I think the growing importance of #2 caused Google to reexamine #1. #3 is simply a factor that restricts Google’s prospects of ever competing properly with Baidu. That said, I do not think Baidu’s success is solely (or even predominately) explained by favorable government attitudes, but it is partly explanatory, and should not be ignored.

  • http://www.blackberrycool.com/ Kyle McInnes

    It should be interesting to see how this plays out for Microsoft. Stories like the legal battle over Kai Fu Lee only highlight how important China is for both companies. Now that Google is potentially closing up shop in China, it seems like the perfect time for Microsoft to move in. Or who knows, maybe Google has taught corporate America that you can’t trust the Chinese government, and the risk of losing intellectual property is too great to do business.

  • chen bin

    Liu Lun, What the fxxk are you talking about? Are you an idiot?
    Could you do me a favor to show me the exact law google violated?

    Every Chinese knows (except you, maybe you are a son/daughter of some corrupt CCP official and you learn how to lie from your parents in a CCP way), the fact is, the innocent Google is set up by some pervert official in our state owned TV network CCAV. Here is the evidence. http://xblog.alyzq.com/2009/06/29/660896

    Almost every Chinese (except you, of course) is in strong support of google, check the below link,
    http://bbs.chinaunix.net/forum-46-2.html
