Politically Motivated Computer Crime and Hacktivism: Google Throws Down the Gauntlet to China

Thursday, January 14, 2010

Google Throws Down the Gauntlet to China - Maybe

A flood of news reports have come out concerning the looming battle between Google and China over intrusions into the accounts of human rights activists ala Ghostnet.

To add to the confusion are almost simultaneous reports of alleged attacks by Iranians on China's largest search engine, Baidu, and the inevitable counterattacks of Iranian websites with pro-Chinese graffiti. What remains to be answered is why anyone in Iran would be motivated to attack and deface the Baidu website with pro-Iranian messages and graphics. The timing of these attacks are interesting as well.

As usual, there is plenty of speculation concerning the Google - China attacks and their motivations but little factual information available for analysis. Of course there is the usual problems with accurate attribution and sourcing of attacks and determining exact motivations and potential external influences including whether the Chinese government may have a role in the breaches.

However there are many other unanswered questions in the Google - China standoff. To name a few:

Are these attacks related to, or a continuation of, the Ghostnet attacks? In an official blogpost, David Drummond, Google's Chief Legal Officer, pointed specifically to the Ghostnet report but didn't explicitly link them;

Mr. Drummond's post also stated that "[a]s part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted." A full list of these companies has not been made public to date but it would be very informative to understand the exact relationship between the Google attacks (believed to target human rights activists) and the other companies. Is someone in China targeting human rights activists in chemical companies?!?;

What are Google's and China's next steps? It's obvious that both entities have merely set up negotiating positions: Google did not close google.cn nor has it (yet) stopped censoring Chinese Internet searches; China's initial, official responses have been muted. Obviously, both sides don't want to do anything rash and there may be other agendas in play.

One of the biggest problems in understanding these attacks is the disjointed approach to investigating. These attacks span the world (The US, China, Iran, EU countries, Japan, Taiwan...) each with its own agenda and political and economic considerations. Additionally, there is no central coordination of information or analysis. Even within the US, some victims will cooperate; others will not. Among those that cooperate, some will have good monitoring and data collection capabilities; others will not. It's most likely we will never fully understand these attacks and if we don't understand them it will be next to impossible to effectively counter them.

Iranian Hackers Deface Top China Website
Hackers in Frontline of China's Cyberwar
A New Approach to China
China gives first response to Google threat

No comments:

Post a Comment

About Encurve, LLC

Encurve, LLC - Building Intentional Security^TM.

Intentional - Purposeful. Deliberate. Planned.
That's what security should be.

Closing the gap between business leaders and security practitioners is what intentional security is all about.

Encurve, LLC offers a wide range of services:

Security Assessment & Management Services
Employing our real-world experience and proprietary methodologies to help security organizations become for focused and efficient.

Executive Advisory & Support Services
Providing the strategic and business focused analysis required by business leaders to make investment and risk decisions without getting lost in the technology.

Security Business Development
Enabling companies to provide professional or managed security offerings to their customers through the development of core and differentiated capabilities.

Brochures

Encurve's Security Capabilities
Encurve's Protect OnDemand^TM Solutions for Demanding Security Situations
Incident Response Capability Assessments
Due Diligence Services
Security Assessment Training
About Encurve and Intentional Security

Contact Encurve, LLC to start Building Intentional Security^TM.

Building Intentional Security^TM and Protect OnDemand^TM are trademarks of Encurve, LLC in the United States and other countries.