Skip to main content

Cyber War-of-Words Escalation: China Goes on the Offensive against Google

This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American


China's state-run Xinhua News Agency has struck back against Google following the Internet giant's claims earlier this week that recent hacker attempts to steal G-mail user passwords appeared to have originated from China. Xinhua called Google's statements "evil-intentioned" in an article published Friday and quoted Dai Yiqi, a cyber security researcher with Tsinghua University, as saying that Google's assertion "is neither serious nor credible as it has not published any evidence that shows the hackers are from China."

The engineering director of the Google Security Team, Eric Grosse, initiated this exchange with China on Wednesday when he blogged about an attempt to hijack G-mail accounts using malware and phishing scams. The goal behind the incident seems to have been to monitor the contents of these users' emails, "with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," Grosse wrote.


On supporting science journalism

If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.


Xinhua took exception to the Grosse's assertion that the effort to steal G-mail information "appears to originate from Jinan, China." The government-sponsored news agency quoted Li Shuisheng, a research fellow with a military science academy of the People's Liberation Army, as saying Google's post may well have instigated a new round of the ongoing cyber row between China and the United States. Xinhua expressed its view that Google is indirectly implicating the Chinese government in the cyber attack by stating that the hackers tried to collect G-mail account information from hundreds of users, including senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.

The Sino-Mountain View, Calif.-dispute originated early last year after Google said it had been the victim of cyber attacks originating in China. This led to a Google ultimatum, displeasing to the Chinese government, that the company would no longer censor results on Google.cn, that nation's version of the search engine.

As the standoff unfolded last year The New York Times, citing unnamed sources, reported that the attacks could be traced back to Shanghai Jiaotong University and Lanxiang Vocational School. Xinhua referred to this accusation earlier this week in an article about the bad blood between Google and China. "The [New York Times] report amused many Chinese at that time since Lanxiang Vocational School enjoys a good fame at training chefs for local restaurants," according to the Xinhua article.

Nevertheless, the U.S. government claims to take Google's accusations against China seriously. Secretary of State Hillary Clinton said earlier this week that both the State Department and FBI are investigating the attack against Google.

Google is just the latest of several large corporations claiming to have been victimized recently by hackers—others include Sony and government contractor Lockheed Martin. More than a month after an "external intrusion" felled Sony's PlayStation Network, the company announced Wednesday that the network was back being fully operational for gamers. Shortly after shutting down PlayStation Network and Qriocity services on April 20 Sony revealed that between April 17 and April 19, "certain unencrypted PlayStation Network and Qriocity service user account information—including name, address, passwords, logins and online IDs—was compromised in connection with an illegal and unauthorized intrusion into our network."

Tracing the source of any hack typically proves problematic because cyber attackers are adept at routing traffic through servers located worldwide. As a result, simply determining the Internet Protocol (IP) address of a server launching an attack doesn't guarantee that the attack originated there. This point was not lost on Xinhua, which quoted Dai as saying, "Hackers usually launch attacks by camouflaging their own IP addresses or controlling computers of others. Therefore, we can hardly tell the location of the hacker unless we have sufficient evidence." Scientific AmericanCross-Check blogger John Horgan likewise raised this issue in his most recent post.

Image courtesy of José Manuel Ferrão, via iStockphoto.com

Larry Greenemeier is the associate editor of technology for Scientific American, covering a variety of tech-related topics, including biotech, computers, military tech, nanotech and robots.

More by Larry Greenemeier