In mid-December, Google detected a sophisticated cyber attack on its corporate infrastructure.

Further investigation revealed that Google was among a number of Silicon Valley businesses and entities–from the finance, technology, media and chemical sectors–that fell under siege. The attackers may have succeeded in the theft of intellectual property, e.g. corporate data and software source codes, by exploiting an IE browser vulnerability.

Additionally, Google discovered that dozens of Gmail accounts belonging to Chinese human rights activists appear to have been routinely accessed by third parties. These activists were based in China, as well as Europe and the US. The search-engine giant suspected these attacks originated from China.

From the Official Google Blog:

These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China.

We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

McAfee’s Chief Technology Officer, George Kurtz, said the Google hack comprised the “largest and most sophisticated cyberattack we have seen in years targeted at specific corporations“.

—-
Updates:
Foreign Journalists in Beijing Hit by E-Mail Hackers [NYT]
France, Germany Say Avoid IE Until Security Vulnerability Patched [eWeek]
Google probing possible inside help on attack [Yahoo]

Advertisements