Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Attackers Identified as Chinese Government

Posted by ryuzaki0 on from the well-this-isn't-good dept.

forand writes Researchers, examining the attacks on Google and over 20 other companies in December, have determined 'the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.'"

6 of 651 comments (clear)

  1. Finally above ground by mejogid · · Score: 5, Interesting

    It's hardly a secret that governments conduct cyber-espionage - what seems shocking in this instance is that they have been caught and that a major company, a telecoms giant and the US government have all gone on the offensive. This seems like a pretty dramatic shift, and you have to wonder what China's really done to provoke such a reaction after everyone's spent the last decade quietly appeasing them to try and get a foothold in their markets. It sounds like reading the subject lines of a few Chinese activists' emails is only the tip of the ice berg in this case, it'll be interesting to see what else has yet to be revealed.

  2. No, Seriously... by RobotRunAmok · · Score: 5, Interesting

    If a foreign government had attacked non-digital assets of any US corporation, you would expect some kind of formal reprisal. Maybe not an airdrop of Marines, but certainly something more than Hilary Clinton threatening to write a stern letter.

    What I have not doped out yet to my own satisfaction is whether the tepid response from Washington is the fault of the current administration, confusion regarding the digital nature of the breach and assets, or a little of both.

    1. Re:No, Seriously... by Neoprofin · · Score: 5, Interesting

      The problem with this theory of winning the new cold war simply by buying the opponent is that it doesn't, and can't, lead to any kind of victory. By investing in US debt China has bound themselves in an unholy blood pact to the U.S. economy. We on some level need them to continue pouring money into the economy to pay for poorly thought out foreign policy, they on the other hand need us to continue to prosper or all of their investments become worthless. If one side wins both sides win, if one sides loose both sides loose. The Chinese have already shown their realization of this in their effort to keep interest rates low to prevent inflation from devaluing their assets.

    2. Re:No, Seriously... by Alpha830RulZ · · Score: 5, Interesting

      he reason we will likely get it is that it is the politically easier of the only two options available for addressing the massive debt, including off-book future liabilities, of the U.S. government.

      Oh, for mod points. This person gets it. Historically, one of the major drivers for government laxity towards inflation (Argentina, Mexico, Pre WWII germany, etc) is that the government owes more in nominal terms than it can fund through taxes. Allow a few years of 10% inflation, and that burden is eased significantly, as tax revenues rise with inflation, while the size of the debt remains the same. We will see 6-10% inflation for 3 to 8 years sometime in the next 15 years, because that is the ONLY way the US government can get out of the financial hole we are in. This will in turn hurt the Chinese, who are holding vast amounts of dollar demoninated debt.

      --
      I was taught to respect my elders. The trouble is, it's getting harder and harder to find some.
  3. Re:can't say i'm surprised by dnoyeb · · Score: 5, Interesting

    What did China do when they found all the bugs the US government put in the plane we sold them?

    Nothing.
    http://articles.latimes.com/2002/jan/20/news/mn-23796

  4. Unleash the hounds by dave562 · · Score: 5, Interesting

    The Wall Street Journal had a great article about some of the details behind the scenes of this particular incident, and also another article that did a good job of summarizing what has been discussed here over the last couple of years. The main stream media is openly stating that the People's Liberation Army is actively encouraging "citizen cyber militias" to conduct "cyber attacks" (good Lord how I hate that term) against foreign (read, United States) corporations. Although they haven't gone so far as to state that those militias have active backing of the government, they have said that the government is turning a blind eye to their activities. Furthermore, the WSJ goes on to state that there are United States agencies involved in similar espionage activities.

    Given that background, it seems like hacking Chinese companies should be fair game for up and coming "security researchers" here in the United States. In the 1990s the United States government made it quite clear that they were going to come down hard on people who mess with government and Fortune 500 systems. Given the option between really securing the systems and punishing those who exploit the lack of security, they went with the latter. A lot of people, myself included, decided that once we turned 18 and faced the threat of real Federal prosecution, the wise move was to turn off the war dialers, stop snarfing ESN/MIN pairs out of the air, and stop trying to run exploit code against computers that we don't control.

    We can't hone our craft in the United States anymore. Although there is a whole market for securing IT resources against attack, there isn't a playground to pick up skills in. My suggestion is that China is that playground. My suggestion is that Chinese corporations in the United States are the targets. I mean lets face it, there are hundreds of thousands of compromised computers in the United States. The United States government can't be held accountable for malicious activity directed toward Chinese corporations. It would be unfortunate for those entities to be DDoS'd. It would be unfortunate for their internal workstations to be the target of vulnerability research.