By Marcel Rosenbach, Thomas Schulz and Wieland Wagner
Google China's headquarters in Beijing
Anyone who clicked on the Chinese Google site last Thursday was greeted with an unusual logo. The six Google letters were decorated with the symbols of "China's four great inventions," namely paper, gunpowder, the compass and printing.
With its respectful bow to Chinese culture, Google was apparently trying to point out that its threatened withdrawal from China was not directed at the Chinese people, but only at the government and its Internet censorship policies. But it's doubtful whether Google's charm offensive will do any good at this point.
Google's ultimatum is an open challenge to the Chinese regime. Last week, the Internet search engine giant publicly denounced deliberate spying on its users through hacker attacks. In doing so, it revealed what Western companies and governments, eager to do business in China, tend to gloss over: the twin facts that China deliberately uses the Internet to spy on companies, and that an online company can only do business in the country if it is prepared to set aside its notions of freedom of speech and human rights.
In a posting on Google's official blog, the company's chief legal officer David Drummond admitted that Chinese hackers had managed to illegally gain access to data relating to various Gmail accounts. Drummond also made it clear that Google "is no longer willing to continue censoring our results on Google.cn," even if that resulted in its pulling out of the Chinese market.
But is Google powerful enough to pick a fight with the Chinese leadership? And can the company really afford to abandon a growing market, with its roughly 350 million Internet users?
Flowers and Nightly Vigils
The challenge is a test of both the global corporation's self-confidence and its ability to deal with a public relations crisis. It has triggered a discussion within the Internet community over the company's bold political act. Sympathizers placed flowers in front of Google's Beijing offices, held nightly vigils and wrote tens of thousands of messages of support on Internet forums around the world. Even US Secretary of State Hillary Clinton has demanded explanations from the Chinese government.
The security problem that led to the breaches of the Gmail accounts has faded into the background. The question as to how the successful attack could have happened in the first place is of greater interest to experts than to the public.
The attack was not to be underestimated, as London-based Google online security expert Alma Whitten concedes. "I have been working for Google since 2003, and we are regularly exposed to attacks," says Whitten. "But this one, in terms of its scope and the way it was done, is definitely one of the most sophisticated I've ever seen."
Google has been relatively quiet about the attack itself, and for good reason. Upon closer inspection, the incident raises troubling questions. For instance, the company admits that in the targeted attack on Google servers, information relating to the email accounts of two Chinese dissidents was accessed. The compromised information apparently included login times and subject lines, but not the content of the activists' emails.
Stealing the Crown Jewels
It appears that Google employees who analyzed this targeted attack on the infrastructure of the search engine giant discovered a second, far more comprehensive attack that not only affects Google, but more than 30 other major companies, like Adobe, Yahoo, Dow Chemical and Symantec. Cyber-security experts have even come up with a name for the attack: Operation Aurora.
The sophisticated cyber attack apparently involved individual users unknowingly download malicious software known as spyware onto their computers. Spyware enables a third party to access passwords and other sensitive information, allowing them to take control of email accounts and even bank accounts.
Last Thursday George Kurtz, the chief technology officer of Internet security company McAfee, wrote in his blog that the "targeted attacks" took advantage of a previously unknown security vulnerability, enabling the attackers "to quietly suck the crown jewels out of many companies while people were off enjoying their December holidays."
Operation Aurora "is changing the cyberthreat landscape once again," Kurtz added, noting that what he called "advanced persistent threats" have become part of a new reality. It appears that the attackers even had access to highly sensitive areas within the targeted companies. Google's only response to Kurtz's remarks was that the company's "intellectual property" had been stolen in the attack.
Online Spies
Operation Aurora is only the most recent and technically most advanced attack coming from China. As far back as the mid-1990s, companies and government agencies around the world noticed cyber offensives which they believed originated in China. Last year, Canadian researchers exposed the so-called Ghostnet cyber spying operation, which had infiltrated more than 1,200 computers worldwide. The attackers were particularly interested in the Dalai Lama, his China policy and the Free Tibet movement.
The German Chancellery and Foreign Ministry are also regular targets of cyber attacks. In one such attack, which preceded Chancellor Angela Merkel's summer 2007 trip to China, the online spies were particularly interested in the issues the chancellor intended to address during her visit.
While such attacks are nothing new, Google's reaction to the latest onslaught is. "We have concrete evidence that the attacks are coming from China," said Google Germany spokesman Kay Oberbeck. This claim is supported by the fact that the attackers were not only interested in the dissidents, but also in the Free Tibet movement. One of the Gmail accounts they hacked into was that of a 20-year-old female student at Stanford University who comes from Tibet and is involved in the movement.
Google's counterattack initially took the communist leaders in Beijing by surprise. But then Beijing sharpened its tone. A cover story in the party newspaper Huanqiu Shibao was headlined "World Surprised by Google's Challenge to China." And Jin Canrong, a prominent expert on the United States at the Chinese People's University, writing in the same publication, asked: "What on earth does Google want?" The US corporation, Jin continued, is making a mistake if it "is trying to influence Chinese politics and social reform." Chinese society, he added, "must stand united against Google's threat."
© SPIEGEL ONLINE 2010
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH
