About the SA Blog Network



Opinion, arguments & analyses from the editors of Scientific American
Observations HomeAboutContact

Cyber War-of-Words Escalation: China Goes on the Offensive against Google

The views expressed are those of the author and are not necessarily those of Scientific American.

Email   PrintPrint

cyber security,China,GoogleChina’s state-run Xinhua News Agency has struck back against Google following the Internet giant’s claims earlier this week that recent hacker attempts to steal G-mail user passwords appeared to have originated from China. Xinhua called Google’s statements "evil-intentioned" in an article published Friday and quoted Dai Yiqi, a cyber security researcher with Tsinghua University, as saying that Google’s assertion "is neither serious nor credible as it has not published any evidence that shows the hackers are from China."

The engineering director of the Google Security Team, Eric Grosse, initiated this exchange with China on Wednesday when he blogged about an attempt to hijack G-mail accounts using malware and phishing scams. The goal behind the incident seems to have been to monitor the contents of these users’ emails, "with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings," Grosse wrote.

Xinhua took exception to the Grosse’s assertion that the effort to steal G-mail information "appears to originate from Jinan, China." The government-sponsored news agency quoted Li Shuisheng, a research fellow with a military science academy of the People’s Liberation Army, as saying Google’s post may well have instigated a new round of the ongoing cyber row between China and the United States. Xinhua expressed its view that Google is indirectly implicating the Chinese government in the cyber attack by stating that the hackers tried to collect G-mail account information from hundreds of users, including senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.

The Sino-Mountain View, Calif.-dispute originated early last year after Google said it had been the victim of cyber attacks originating in China. This led to a Google ultimatum, displeasing to the Chinese government, that the company would no longer censor results on, that nation’s version of the search engine.

As the standoff unfolded last year The New York Times, citing unnamed sources, reported that the attacks could be traced back to Shanghai Jiaotong University and Lanxiang Vocational School. Xinhua referred to this accusation earlier this week in an article about the bad blood between Google and China. "The [New York Times] report amused many Chinese at that time since Lanxiang Vocational School enjoys a good fame at training chefs for local restaurants," according to the Xinhua article.

Nevertheless, the U.S. government claims to take Google’s accusations against China seriously. Secretary of State Hillary Clinton said earlier this week that both the State Department and FBI are investigating the attack against Google.

Google is just the latest of several large corporations claiming to have been victimized recently by hackers—others include Sony and government contractor Lockheed Martin. More than a month after an "external intrusion" felled Sony’s PlayStation Network, the company announced Wednesday that the network was back being fully operational for gamers. Shortly after shutting down PlayStation Network and Qriocity services on April 20 Sony revealed that between April 17 and April 19, "certain unencrypted PlayStation Network and Qriocity service user account information—including name, address, passwords, logins and online IDs—was compromised in connection with an illegal and unauthorized intrusion into our network."

Tracing the source of any hack typically proves problematic because cyber attackers are adept at routing traffic through servers located worldwide. As a result, simply determining the Internet Protocol (IP) address of a server launching an attack doesn’t guarantee that the attack originated there. This point was not lost on Xinhua, which quoted Dai as saying, "Hackers usually launch attacks by camouflaging their own IP addresses or controlling computers of others. Therefore, we can hardly tell the location of the hacker unless we have sufficient evidence." Scientific American Cross-Check blogger John Horgan likewise raised this issue in his most recent post.

Image courtesy of José Manuel Ferrão, via

Rights & Permissions

Comments 3 Comments

Add Comment
  1. 1. Mr. Peabody II 12:05 am 06/4/2011

    Google is the only free email host I know of that has not suffered massive intrusions by hackers (unlike Yahoo and Hotmail.) While Google is certainly not a "Knight in Shining Armor", I find their accusations in this case totally credible.

    Link to this
  2. 2. MCMalkemus 12:45 am 06/4/2011

    A hack can originate from anywhere. Simply saying a hack originated from China isn’t to say that China condoned it. Most hacks come from the US BTW. This doesn’t mean the US government supports US based hackers.

    Link to this
  3. 3. jeffmcmahan 5:07 pm 06/5/2011

    So, let me get this straight: the clever reporters at Scientific American are suspicious of Google’s claim that attacks came from China because hackers can hide their IPs? It would seem to follow that the SA reporters and sources believe Google to be either (i) unaware of that IPs can be easily hidden, and to therefore have accused China out of stupidity, or (ii) they’re aware of that IPs can be cloaked, but they were looking to get into a fight with the Chinese gov’t anyway. Option (i) is clearly out of the question. Option (ii) isn’t much better. So, I’d probably just respect that Google has some way of knowing (which would hardly be surprising).

    Link to this

Add a Comment
You must sign in or register as a member to submit a comment.

More from Scientific American

Email this Article