Attacks/Breaches
1/12/2010
07:36 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Ends Censorship In China

Targeted cyber attacks from China on corporate data of at least 20 public companies and efforts to steal data about human rights advocates have prompted Google to re-evaluate its cooperation with Chinese censors.

Google said on Tuesday that it will no longer censor search results on Google.cn, a decision likely to end the company's presence in China.

Google's decision comes after it detected a highly sophisticated cyber attack on its corporate infrastructure last month that resulted in the theft of Google's intellectual property. Details about the theft were not disclosed.

David Drummond, SVP of corporate development at Google and the company's chief legal officer, said in a blog post that Google's internal investigation revealed at least twenty other large companies had also been attacked.

"[W]e have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists," said Drummond. "Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of e-mails themselves."

As a result of its investigation, Drummond said, Google also discovered that "the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties." He emphasized that this was not due to a security failure on Google's part. Rather, these users appear to have had their passwords compromised through phishing scams or malware on their computers.

As a consequence of these attacks, Google has come to believe that it can no longer continue censoring Google.cn, as directed by the Chinese government.

"These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the Web--have led us to conclude that we should review the feasibility of our business operations in China," Drummond said. "We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China."

Financially, Google's revenue from China is not material to its overall revenue.

Google's decision was immediately hailed by rights groups, many of which have questioned whether the company's decision in 2006 to cooperate with Chinese censors violated its "Don't be evil" motto.

"Google has taken a bold and difficult step for Internet freedom in support of fundamental human rights," said Leslie Harris, president of the Center for Democracy & Technology, in an e-mailed statement. "No company should be forced to operate under government threat to its core values or to the rights and safety of its users. We support Google for being willing to engage in this very difficult process."

Google's decision recalls the stand it took against the U.S. government, which sought the company's search data in 2005 and 2006 to support its ultimately failed effort to uphold the Child Online Protection Act.

"This is a very big step that Google is taking, that is to make public these kinds of cyber attacks," said Sharon Hom, executive director of Human Rights In China. Such attacks, she said, are not news to the the human rights communities and NGOs, which have long been targeted with phishing, malware, and denial of service attacks. "For Google to make public what they have discovered is highly significant," she added. "It's a wake up call to the international business community about the real risks of operating in China."

Hom said that how China reacts to Google's decision will send a very strong message to the business community about their future prospects in China.

Dave Girouard, president of Google's Enterprise group, in a separate blog post stressed that these attacks should not shake faith in cloud computing.

"At Google, we invest massive amounts of time and money in security," he said. "Nothing is more important to us. Our response to this attack shows that we are dedicated to protecting the businesses and users who have entrusted us with their sensitive email and document information. We are telling you this because we are committed to transparency, accountability, and maintaining your trust."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2963
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

CVE-2014-3310
Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

CVE-2014-3311
Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

CVE-2014-3315
Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

CVE-2014-3316
Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.