If you wanted to hack into a popular web service and collect data on its users, what would be the best strategy?
You could secretly spread millions of infected links around the Internet that download spyware and then silently collect that data and analyze it.
That's the hard way. Easier: Hack into a system that is already collecting that user data.
That's what the Chinese hackers did to Google. They managed to get into its 'internal intercept' system: its internal spying system, which automatically collects data on its users so that it can rapidly comply with the many search warrants it receives. When Google found out about the hack, it went ballistic. Here is IDG reporter Robert McMillan with a report:
...they [hackers] apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press. "Right before Christmas, it was, 'Holy s***, this malware is accessing the internal intercept [systems],'" he said.
Google co-founder Larry Page called an emergency meeting on Christmas Eve to assess the situation and decided that Google could walk away from China because of what happened.
Google was pissed that the Chinese hackers hacked into its internal spying system. Those hackers were trying to get data on ALL Google users, not just Chinese human rights activists.
Google exposed all of its users precisely because it had an internal spying system.
One of my readers, Kimo Crossman, pointed out that "wiretapping systems increase attack vectors."
This is very true. Wiretapping systems increase security risks because the target is perfect -- wiretap the wiretapper. That's the honeypot. Why buzz around collecting all that data when someone else has done it for you?
Google's 'internal intercept' system increased the risk of Google user data being pirated. If the system didn't exist, it would be very hard for outsiders to collect that data.
The irony that wiretapping systems increase security risk is interesting, and it makes perfect sense. But why is Google invoking 'human rights' as a pretext for possibly leaving China when it was embarrassed by its internal spying system being compromised . . . by other spies?