Published June 01, 2011
Chinese hackers have infiltrated Google's Gmail system and broken into hundreds of accounts, including those of senior government officials, military personnel and political activists, the company said.
Google says all victims have been notified and their accounts have been secured.
"Through the strength of our cloud-based security and abuse detection systems, we recently uncovered a campaign to collect user passwords, likely through phishing," wrote Eric Grosse, engineering director of Google's Security Team, in a post on the company blog.
"This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists."
Google credited its own security measures for detecting and disrupting the intrusions. Mila Parkour, a security researcher who helped alert Google to the Gmail breach, said the attacks had been occurring for at least a year before they were finally uncovered.
"It was persistent and bold," Mila Parkour said of the hacking scheme in a Wednesday email exchange with The Associated Press. Parkour first shared her suspicions about the breach in a Feb. 17 post on her Contagio blog.
Google wouldn't say what parts of the U.S. government were targeted or whether any confidential information may have been contained in the trespassed Gmail accounts. Besides senior government officials, other people whose Gmail accounts were infiltrated included Chinese political activists, military personnel, journalists and officials in other countries, mainly in South Korea.
The news comes a day after the Pentagon concluded that computer sabotage from another country could constitute an act of war -- news that opened the door for the first time to a traditional military response to a cyberattack.
"The Department of Homeland Security is aware of Google's message to its customers on ensuring the safety of information online," said Chris Ortman, a spokesman for the Department of Homeland Security. "We are working with Google and our federal partners to review the matter, offer analysis of any malicious activity, and develop solutions to mitigate further risk."
The attacks aren't believed to be tied to a more sophisticated assault that originated from China in late 2009 and early 2010. That intrusion targeted Google's own security systems and triggered a high-profile battle with China's Communist government over online censorship.
That break-in prompted Google to move its Chinese-language search engine from mainland China so it wouldn't have to edit its results to conform with the ruling party's censorship rules. The search engine is now based in Hong Kong, which has less stringent rules.
Tensions escalated amid reports that the Chinese government had at least an indirect hand in the hacking attacks -- a possibility that Google didn't rule out.
The latest duplicity appeared to rely on so-called "phishing" scams and other underhanded behavior that hackers frequently use to obtain passwords from people and websites that aren't vigilant about protecting the information.
The culprits behind the Gmail breaches appeared to have specific targets in mind. That is known as "spear phishing" in high-tech circles.
Computer security specialist says spear phishing often provides the means for even broader attacks.
The Gmail attackers were intent on spying on inboxes, according to Google, but their ambitions beyond that were unclear.
Parkour said the hackers' scam proved highly effective "because they used information from the emails for future phishing emails, often using information that would be known only to (the) victim -- thus gaining more trust." She said the ruse served as a reminder of the security weaknesses of Web-based email services such as Google's.
"The Internet has been an amazing force for good in the world -- opening up communications, boosting economic growth and promoting free expression," Grosse wrote.
"But like all technologies, it can also be used for bad things," he said.
The Associated Press contributed to this report.