Google threatened late Tuesday to pull out of its operations in China after it said it had uncovered a massive cyber attack on its computers that originated there.
As a result, the company said, it would no longer agree to censor its search engine in China and may exit the country altogether.
Google said that a primary goal of the attackers was accessing the Gmail accounts of Chinese human right activists, but that the attack also targeted 20 other large companies…
“We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China,” …adding that the decision was being driven by executives in the United States, “without the knowledge or involvement of our employees in China.”
Google did not publicly link the Chinese government to the cyber attack, but people with knowledge of Google’s investigation said they had enough evidence to justify its actions.
34 companies were targeted… The attacks came from Taiwanese Internet addresses… stolen documents were sent electronically to a server controlled by Rackspace, based in San Antonio.
The official statement from the Google Legal chief comes short of, but leaves no mistaking, that these intrusions were definitively determined to be PRC state-sponsored activity, although originating from Taiwanese IPs.
Google Inc. said it may leave China after an investigation found the company had been hit with major cyber attacks it believes originated from the country…
Investigators are probing whether the attack is linked to the Chinese government or intelligence services… The attack has piqued the interest of U.S. intelligence agencies, including the National Security Agency…
For Google to withdraw from China would be an extremely rare repudiation by a Western company of what is almost universally seen in big business as one of the world’s most important markets. Even the public suggestion that it is considering such a move is likely to infuriate Chinese authorities.
Google said… it was making its move because it detected a “highly sophisticated and targeted attack on our corporate infrastructure originating from China” in mid-December. Google said the attack resulted in “the theft of intellectual property from Google.”
The perpetrators launched the attacks from at least six Internet addresses located in Taiwan, which is a common strategy used by Chinese hackers to mask their origin… The attackers used at least seven different types of attack code…
I’ve been harping on the phenomenon of Chinese cybercriminals, but of course Chinese cybersoldiers are just the flip-side of the same coin.
Now at least we know why Chinese hackers want in to my SSH server so bad… for use in mounting distributed attacks against Gmail.
I think Google will turn more conciliatory in the coming days to save face and their high growth revenue interests, but we are surely witnessing what will go down in socio/military/political history books as one of the more pronounced, and certainly most publicly visible, opening volleys on the cyberwarfare front.