Chinese cyberattack on Google exposed spy data: US officials

Chinese cyberattack on Google exposed spy data: US officials

Summary: An attack which took place against Google exposed sensitive data concerning U.S. surveillance targets.

SHARE:
cyber-war-igen-zaw2-1

Government officials say that Chinese hackers who breached Google's defenses were able to access years' worth of U.S. law enforcement and spying information.

As reported by The Washington Post, current and former U.S. officials say that when Chinese hackers broke into Google servers in 2010, although the tech giant claimed they were targeting human rights activist information, the intruders were actually after a database which contained years' worth of information relating to U.S. surveillance and law enforcement.

At the time of the data breach, Google made no reference to the database, which seeded distrust and resulted in a dispute between the firm and the Federal Bureau of Investigation. According to the publication, a senior Microsoft official suggested that at the time of the cyberattack, the company's own servers were also under siege. This led to the conclusion that the Chinese hackers were trying to identify Chinese intelligence operatives who had been tagged for email surveillance by the United States.

An anonymous former U.S. official said that the database contained information on court-ordered surveillance which could have impacted the activities of Chinese intelligence operatives using Google's Gmail service. As a result, if China knew who was being watched, this granted operatives time to destroy data and for authorities to remove people from the country. In addition, U.S. agencies could be fed false information by those under surveillance.

In a conference near Washington, David Aucsmith, a director of Microsoft's Institute for Advanced Technology in Governments, said that the attackers "were actually looking for the accounts that we had lawful wiretap orders on." In addition, Aucsmith commented:

"If you think about this, this is brilliant counterintelligence. You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way. Presumably that's difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That’s essentially what we think they were trolling for, at least in our case."

The U.S. and Chinese governments have been at loggerheads over digital warfare. A recent U.S. Department of Defense report claimed that Chinese cyberattacks have been designed to steal confidential information around the nation's "diplomatic, economic, and defense industrial base sectors that support national defense programs," and both the Chinese government and military are involved in cyber espionage campaigns against the United States.

The report backs up research released in February by U.S. security firm Mandiant, which alleged that China was responsible for an "overwhelming number" of cyberattacks. However, China staunchly denies these claims, and has repeated its official stance against cybercrime in response.

Additional studies say that the U.S. government is now the biggest global buyer of malware, but China accounts for 41 percent of global attack traffic -- making the situation even more complicated. The issues surrounding cybercrime have now become so complex that they have spilled into politics; the U.S. government now considering import restrictions for countries that create products which contain U.S. technology stolen through cybercrime.

Topics: Security, Google, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

26 comments
Log in or register to join the discussion
  • yeah, bring back the old Cocom regime

    Those were wonderful years. :)
    danbi
  • the title of the article...

    ... makes it sound like google was storing a database of secret government spy data and then the chinese hacked in and stole it...
    ukjb
  • Cyber War is brewing

    these days america is getting all sorts of threats, it seems like the whole world is out to get them ( I wonder why :P? )
    (source:http://www.bestvpnservice.com/blog/america-facing-constant-cyber-attacks/)
    alifaizan1
    • China is not "the whole world"

      When USA (and every other country's) secrets are protected by weak cyber-security, they because an easy target for the Chinese government. China is grabbing all the information they can.

      East European hackers are more interested in financial gain. That's a different goal.

      Apparently, most hacking organizations are engaged in theft. They need a salary or profit for their ongoing investment of time & effort.
      SlimSam
      • sure isn't...

        but it is over 20%.

        And if you include India it becomes 37%
        jessepollard
    • King of the hill

      A game we play in the US as children is called King of the hill. The whole point is to stay on the top of the hill as long as you can while the other plays try to remove you by force and make them self king of the hill. Right now America is King of the hill.
      KBabcock75
      • King of the Hill

        The U.S. is mortgaged up to it's eyeballs to China, thanks to our long-term 30 billion dollar per month wars in the Middle East and South Asia. China basically owns us, so a strong argument could be made that they are now "King of the Hill."
        BillDem
        • They "own us" in the sense that

          on paper only.

          a an "ownership" granted until you see no need for it.
          William Farrel
          • Huh?

            You ever wish that people would proofread what they wrote before clicking Submit? Me, too.
            kidtree
          • Of course, "it is on paper only"

            Like all financial agreements you make with your creditors etc. They don't actually keep you in chains all the time, right. Still, if you later refuse to pay "something on paper only", they are coming to get you and make you pay.
            danbi
          • Not likely

            that China is going to come and get anybody. They can't afford to lose all the silly Americans paying outrageous prices for the products their slave-like labor force produces...
            xplorer1959
        • China

          doesn't "own us" nor is the US "mortgaged up to its eyeballs to China". Please, check facts before you spout simplistic lines...
          xplorer1959
    • You wonder why?

      What's the sense in hacking a small island nation?
      William Farrel
  • So, the miscreants were succesful in their attack on Google servers ...

    But, were, apparently, unsuccessful in their attack on Microsoft's servers. Could Microsoft's security, with a platform comprised of Windows clients and servers, have been superior to Google's security?

    If I recall, the name given to this attack was Aurora and Google (as well as other companies) was initially breached via a PC running Windows XP and IE 6. And, in response, Google banished the Windows client OS from their enterprise, replacing it with GNU/Linux and OS X.

    Maybe all Google needed to do was to upgrade Windows and lock down their Windows desktops ...

    And as I understand it, Google's servers are 100% Linux-based.

    Is there more to enterprise security simply than the client and server OSs that are used?
    Rabid Howler Monkey
    • I think you missed something

      in the article:
      "According to the publication, a senior Microsoft official suggested that at the time of the cyberattack, the company's own servers were also under siege. This led to the conclusion that the Chinese hackers were trying to identify Chinese intelligence operatives who had been tagged for email surveillance by the United States."

      So no, Microsoft's own servers were also under siege at the same time. This led them to conclude that the information being sought out by the attackers was about email under court ordered surveillance by the United States.
      DancesWithTrolls
  • Huh?

    How about explaining some of your statements? Why would that sensitive information be on Google's servers in the first place? And why would the US Government be the largest buyer of malware? An article that raises more questions than it answers isn't very useful.
    GKSeifert
    • Reasons...

      I agree that sensitive information should NEVER be stored in the cloud. It needs to be locked down physically, as well as electronically.

      As for the reason the U.S. is the largest buyer of malware, it's for the same reason that we have bought massive weapon caches. We are attacking servers in other countries just as much as they're attacking ours. On top of that, the U.S. is also constantly breaking into the servers and computers of our own citizens. Our leaders are the biggest hypocrites in the world. They condemn other nations for the exact same human rights violations which they are committing themselves. That's one reason why most nations in the world no longer trust or respect the U.S.
      BillDem
  • The USA gov can't even stop a private from downloading millions of files.

    Secrets are only kept when competent people are employed, competent people don't let a private download millions of secret documents.

    No competency from the bottom all the way to the top.
    Just arrogant ignorant clowns running the show.
    Reality Bites
  • Stupid question

    Why did Google have those data to begin with?
    John L. Ries
  • It's dubious that it's the Chinese

    They don't have the infrastructural chops for this level of hacking, and good hackers are *very* good at hiding who/where they really are. This sounds like it was done through botnets, with many of the nodes located in China.
    JustCallMeBC