China denies role in Gmail account attacks
Calls Google's accusations 'fabricated with ulterior motives;' FBI to investigate
Computerworld - A Chinese official today denied accusations that the government was responsible for attacks that accessed hundreds of Google Gmail accounts.
"The so-called allegations that the Chinese government supports hacking is completely fabricated with ulterior motives," said Hong Lei, a spokesman for the Ministry of Foreign Affairs, in a Beijing press briefing today.
On Wednesday, Google announced it had disrupted a targeted phishing campaign designed to hijack Gmail accounts belonging to senior U.S. and South Korean government officials, military personnel, Chinese activists and journalists.
Google said it had traced the identity theft attacks to Jinan, China, a city in eastern China that was linked to the December 2009 attacks on Google's network. Those attacks eventually prompted Google to transfer its search engine from China to Hong Kong.
According to the Reuters news service, the U.S. is looking into Google's claims.
"We are obviously very concerned about Google's announcement regarding a campaign that the company believes originated in China," Secretary of State Hillary Clinton told reporters Thursday. "We take them seriously, we're looking into them."
The Federal Bureau of Investigation (FBI) will lead the inquiry, Clinton indicated. The FBI did not reply to Computerworld's request for comment on the investigation.
Lei also called Google's accusations "unacceptable," and said "China is also a victim" of hacking.
But the most caustic comments came from Xinhau News Agency, the Chinese government's official press arm.
In an editorial published on the agency's Web site, Yang Lina blasted Google, saying it was "impudent...to lash out at others without solid proof to support its accusation" and calling the U.S. company's complaint "chimerical."
"Furthermore, it is not appropriate for Google, a profit-first business, to act as an Internet judge," said Lina.
Google credited its internal abuse detection systems, designed to warn it of suspicious behavior by Gmail accounts, for kick-starting its investigation, but also gave a tip of the hat to Mila Parkour, a Washington D.C.-based independent security researcher who reported on the Gmail phishing campaign in mid-February.
Unlike the attacks in late 2009 that targeted Google and dozens of other Western corporations, the phishing campaign did not try to plant malware on victim's PCs, said Parkour today.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts