Google Investigating Chinese Employees

BluePeppers writes "The Guardian is reporting that Google China is investigating its staff about The Incident. '"We're not commenting on rumor and speculation. This is an ongoing investigation and we simply cannot comment on the details," a Google spokeswoman said. Security analysts told Reuters the malicious software or malware used in the attack was a modification of a trojan called Hydraq. A trojan is a hidden program allowing unauthorized access to a computer. The analysts said the sophistication in the attack was in knowing whom to attack, not the malware itself.'"

Spies everywhere

[WindBourne]

Why should Google be surprised. The funny thing is that all Google will be able to do is fire that person. And then they will get to take a job with a Baidu (or may already be working for them).

Re:Spies everywhere

[Wyatt+Earp]

And I suspect alot of Google China employees draw a paycheck from the People's Liberation Army and other Chinese Government agencies.

Re:Spies everywhere

[GiveBenADollar]

But the real question is how many Chinese Government officials are drawing a Google paycheck. I suspect that Google now has more spies than the Vatican.

Loose lips sink ships.

[Mal-2]

I bet it was your run of the mill social engineering. Someone on the attacking side befriended someone on the inside and either coaxed the information out, or just waited until they mentioned it in passing. Once they knew who to target, they could then pump this employee to see if the attack was having any effect, from the perspective of an insider.

It could be a Facebook friend, it could be a normal face-to-face friend, or it might be a "swallow". Governments certainly use this method of social engineering, but I would be quite surprised if companies do not do it as well.

Mal-2