A new approach to China

Like many other well-known organizations, we face cyber attacks of
varying degrees on a regular basis. In mid-December, we detected a
highly sophisticated and targeted attack on our corporate
infrastructure originating from China that resulted in the theft of
intellectual property from Google. However, it soon became clear that
what at first appeared to be solely a security incident–albeit a
significant one–was something quite different.


First, this attack was not just on Google. As part of our
investigation we have discovered that at least twenty other large
companies from a wide range of businesses–including the Internet,
finance, technology, media and chemical sectors–have been similarly
targeted. We are currently in the process of notifying those companies,
and we are also working with the relevant U.S. authorities.


Second, we have evidence to suggest that a primary goal of the
attackers was accessing the Gmail accounts of Chinese human rights
activists. Based on our investigation to date we believe their attack
did not achieve that objective. Only two Gmail accounts appear to have
been accessed, and that activity was limited to account information
(such as the date the account was created) and subject line, rather
than the content of emails themselves.


Third, as part of this investigation but independent of the attack
on Google, we have discovered that the accounts of dozens of U.S.-,
China- and Europe-based Gmail users who are advocates of human rights
in China appear to have been routinely accessed by third parties. These
accounts have not been accessed through any security breach at Google,
but most likely via phishing scams or malware placed on the users


We have already used information gained from this attack to make
infrastructure and architectural improvements that enhance security for
Google and for our users. In terms of individual users, we would advise
people to deploy reputable anti-virus and anti-spyware programs on
their computers, to install patches for their operating systems and to
update their web browsers. Always be cautious when clicking on links
appearing in instant messages and emails, or when asked to share
personal information like passwords online. You can read more here
about our cyber-security recommendations. People wanting to learn more
about these kinds of attacks can read this U.S. government report
(PDF), Nart Villeneuves blog and this presentation on the GhostNet
spying incident.


We have taken the unusual step of sharing information about these
attacks with a broad audience not just because of the security and
human rights implications of what we have unearthed, but also because
this information goes to the heart of a much bigger global debate about
freedom of speech. In the last two decades, Chinas economic reform
programs and its citizens entrepreneurial flair have lifted hundreds of
millions of Chinese people out of poverty. Indeed, this great nation is
at the heart of much economic progress and development in the world


We launched in January 2006 in the belief that the
benefits of increased access to information for people in China and a
more open Internet outweighed our discomfort in agreeing to censor some
results. At the time we made clear that “we will carefully monitor
conditions in China, including new laws and other restrictions on our
services. If we determine that we are unable to achieve the objectives
outlined we will not hesitate to reconsider our approach to China.”


These attacks and the surveillance they have uncovered–combined with
the attempts over the past year to further limit free speech on the
web–have led us to conclude that we should review the feasibility of
our business operations in China. We have decided we are no longer
willing to continue censoring our results on, and so over the
next few weeks we will be discussing with the Chinese government the
basis on which we could operate an unfiltered search engine within the
law, if at all. We recognize that this may well mean having to shut
down, and potentially our offices in China.


The decision to review our business operations in China has been
incredibly hard, and we know that it will have potentially far-reaching
consequences. We want to make clear that this move was driven by our
executives in the United States, without the knowledge or involvement
of our employees in China who have worked incredibly hard to make the success it is today. We are committed to working
responsibly to resolve the very difficult issues raised.

Posted by David Drummond, SVP, Corporate Development and Chief Legal Officer


About breezesophie

态度desides一切。 清风过山。 阿森纳是信仰 一个艺术家 ř丰富 维持稳定的 é优秀 ñ不错 阿都 L爱
此条目发表在计算机与 Internet分类目录。将固定链接加入收藏夹。


Fill in your details below or click an icon to log in: 徽标

You are commenting using your account. Log Out /  更改 )

Google photo

You are commenting using your Google account. Log Out /  更改 )

Twitter picture

You are commenting using your Twitter account. Log Out /  更改 )

Facebook photo

You are commenting using your Facebook account. Log Out /  更改 )

Connecting to %s