Google warns of 'state-sponsored' attacks in China


OPENING GOOGLE’s Gmail service in China was an alarming experience yesterday, as a strap headline across the top of the inbox said: “Warning: we believe state-sponsored attackers may be trying to compromise your account or computer.”

Google has added a feature to warn users whose accounts it believes are targets of “state-sponsored attacks”, but the internet giant did not specify which government.

However, relations between Google and the Chinese government have been strained for many years, and China is regularly cited by western security consultants as a major player in cyber-warfare research.

In a company blog posting this week, Google’s vice-president responsible for security engineering, Eric Grosse, said the message was aimed at users who have been targeted.

“We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log in to users’ accounts unauthorised. When we have specific intelligence – either directly from users or from our own monitoring efforts – we show clear warning signs and put in place extra roadblocks to thwart these bad actors,” Mr Grosse wrote.

Google could not go into the details of how they know the activity was state-sponsored without giving away details that would help those doing the targeting.

“But our detailed analysis – as well as victim reports – strongly suggest the involvement of states or groups that are state-sponsored,” he wrote.

A couple of years ago a number of Yahoo email accounts in China, including this correspondent’s, were hacked into by what were suspected to be government-sponsored agencies. Last year Google said hackers in China had broken into the personal Gmail accounts of several hundred people, including senior US government officials, military personnel and political activists.

Using the internet can be an extremely frustrating experience for users in China. There is a rigorous system of controls aimed ostensibly at stopping pornography but which seems chiefly used to block access to politically sensitive websites and search terms.

Google closed its search engine in China in 2010 after saying it no longer wanted to co-operate with Beijing’s internet censorship following hacking attacks traced to China. The company said some of its intellectual property also was stolen in an attack that targeted at least 20 other large companies.

Although China has repeatedly denied having links to hacking attacks, foreign governments and private security firms have long said Beijing uses computer hacking attacks to target rivals and glean intelligence.

A report last November by US intelligence agencies said Chinese and Russian intelligence services and companies with state ties systematically break into US computer systems to steal commercial information.

In August, a Chinese television clip gave an insight into how cyber attacks can be used by the People’s Liberation Army against specific targets. Researchers at the McAfee internet security company said they had discovered a massive series of hacking attacks targeting the networks of 72 organisations including the United Nations and the governments of the US, Taiwan, India, South Korea, Vietnam and Canada.