Attacks/Breaches
1/12/2010
07:36 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Ends Censorship In China

Targeted cyber attacks from China on corporate data of at least 20 public companies and efforts to steal data about human rights advocates have prompted Google to re-evaluate its cooperation with Chinese censors.

Google said on Tuesday that it will no longer censor search results on Google.cn, a decision likely to end the company's presence in China.

Google's decision comes after it detected a highly sophisticated cyber attack on its corporate infrastructure last month that resulted in the theft of Google's intellectual property. Details about the theft were not disclosed.

David Drummond, SVP of corporate development at Google and the company's chief legal officer, said in a blog post that Google's internal investigation revealed at least twenty other large companies had also been attacked.

"[W]e have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists," said Drummond. "Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of e-mails themselves."

As a result of its investigation, Drummond said, Google also discovered that "the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties." He emphasized that this was not due to a security failure on Google's part. Rather, these users appear to have had their passwords compromised through phishing scams or malware on their computers.

As a consequence of these attacks, Google has come to believe that it can no longer continue censoring Google.cn, as directed by the Chinese government.

"These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the Web--have led us to conclude that we should review the feasibility of our business operations in China," Drummond said. "We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China."

Financially, Google's revenue from China is not material to its overall revenue.

Google's decision was immediately hailed by rights groups, many of which have questioned whether the company's decision in 2006 to cooperate with Chinese censors violated its "Don't be evil" motto.

"Google has taken a bold and difficult step for Internet freedom in support of fundamental human rights," said Leslie Harris, president of the Center for Democracy & Technology, in an e-mailed statement. "No company should be forced to operate under government threat to its core values or to the rights and safety of its users. We support Google for being willing to engage in this very difficult process."

Google's decision recalls the stand it took against the U.S. government, which sought the company's search data in 2005 and 2006 to support its ultimately failed effort to uphold the Child Online Protection Act.

"This is a very big step that Google is taking, that is to make public these kinds of cyber attacks," said Sharon Hom, executive director of Human Rights In China. Such attacks, she said, are not news to the the human rights communities and NGOs, which have long been targeted with phishing, malware, and denial of service attacks. "For Google to make public what they have discovered is highly significant," she added. "It's a wake up call to the international business community about the real risks of operating in China."

Hom said that how China reacts to Google's decision will send a very strong message to the business community about their future prospects in China.

Dave Girouard, president of Google's Enterprise group, in a separate blog post stressed that these attacks should not shake faith in cloud computing.

"At Google, we invest massive amounts of time and money in security," he said. "Nothing is more important to us. Our response to this attack shows that we are dedicated to protecting the businesses and users who have entrusted us with their sensitive email and document information. We are telling you this because we are committed to transparency, accountability, and maintaining your trust."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice one
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1235
Published: 2015-04-19
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.

CVE-2015-1236
Published: 2015-04-19
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a cr...

CVE-2015-1237
Published: 2015-04-19
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages ...

CVE-2015-1238
Published: 2015-04-19
Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

CVE-2015-1240
Published: 2015-04-19
gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.