Google hacking: Chinese attack on Gmail raises ‘cyberwar’ tensions

Senior US and South Korean government officials plus Chinese activists have login details stolen Tensions between the US, UK and China over the issue of cyber-attacks have escalated after it emerged that Chinese hackers have stolen the login deatails of hundreds of senior US and South Korean government officials as well as Chinese political activists. Google said it had discovered and alerted hundreds of people who had been taken in by a carefully targeted “phishing” scam originating from Jinan, the capital of Shangdong province. Hackers aimed to get complete control of users’ email accounts on the Gmail system. While there is no direct evidence that the hackers were in the pay of the Chinese government, the sophistication of the attacks and their highly targeted nature eliminates direct financial gain as a motive. Google did not rule out the possibility of the attack being state-sponsored. The action could seriously heighten tensions over the issue of “cyberwar”. The US government moved this week to classify cyber-attacks as ” acts of war “, while the defence minister Nick Harvey said on Monday that ” action in cyberspace will form part of the future battlefield “. At an international cybersecurity conference being held in London this week, delegates warned that new cyber-attacks were being developed so quickly that there should be a nonproliferation treaty over their creation and use. Michael Rake of BT Group warned world powers were being drawn into a hi-tech arms race, with many already able to fight a war without firing a single shot. “I don’t think personally it’s an exaggeration to say you can bring a state to its knees without any military action whatsoever,” Rake said. He said it was “critical to try to move toward some sort of cyber technology non-proliferation treaty.” The Chinese government has repeatedly denied any involvement in hacking of foreign countries’ systems. The latest series of attacks appears to have been going on since February, according to a report referenced by Google. It said people using Google and Yahoo accounts were being targeted in a “spear phishing” campaign, in which emails crafted to be relevant only to the recipients are sent out with malware or fake links. If the person opens the email or follows the links, they will be led to sites which will steal their email login details or silently redirect all their email to another address. One example “spear phishing” email had the title “Fw: Draft US-China Joint Statement” and contained the text: “This is the latest version of State’s joint statement. My understanding is that State put in placeholder econ language and am happy to have us fill in but in their rush to get a cleared version from the WH, they sent the attached to Mike.” “Google detected and has disrupted this campaign to take users’ passwords and monitor their emails,” a spokesman said. “We have notified victims and secured their accounts. In addition, we have notified relevant government authorities. We believe that this campaign to steal users’ passwords originated from Jinan, China. We can’t say for sure who is responsible.” Google said its own systems were not affected – a contrast with the situation at the end of 2009 when government-sanctioned Chinese hackers broke into the Google systems and are thought to have gained access to highly sensitive code. At the same time, Chinese hackers attempted, sometimes successfully, to break into US companies, including Morgan Stanley, and global oil companies. China is believed to have gained a hugely valuable set of data about US military systems from a US Aries II signals intelligence aircraft that was forced to land on Hainan Island in April 2001 following a midair collision with a Chinese fighter jet. Chinese government-sponsored hackers have become increasingly active as internet use has grown worldwide. The Pentagon first warned in 2005 that it had detected a huge and concerted attempt to gather data from military and defence computers in the US which it had traced back to China, an operation it called “Titan Rain”. British MPs were also targeted with similar “phishing” and malware attacks to those reported by Google. On Sunday, the Pentagon IT supplier Lockheed Martin revealed it had been subjected to a “significant and tenacious” cyber-attack on its information systems network, although it did not have any information about where the attack originated. Companies such as Lockheed Martin often have plans for existing and future defence weaponry stored in their computer systems. The White House said there was no reason to believe any US government email accounts were accessed in the hacking attempt. Google Gmail China Email Hacking Data and computer security South Korea United States Charles Arthur guardian.co.uk

Posted by on June 1, 2011. Filed under News, Politics, World News. You can follow any responses to this entry through the RSS 2.0. You can skip to the end and leave a response. Pinging is currently not allowed.