Study: Google-China Attack Driven by Amateurs

From CNN:

The computer attack which led Google to threaten leaving China and created a firestorm between Washington and Beijing appears to have been deployed by amateurs, according to an analysis by a U.S. technology firm.

“I would say this particular botnet group was not well funded, in which case I would not conclude they were state sponsored, because the level of the tools used would have been far superior to what it was,” said Gunter Ollmann, vice president of research at Damballa, an Atlanta-based company that provides computer network security.

However, Ollmann points out that the attackers — who emanated from China — could have been contracted by outside parties to launch the attack. And while the deployment of the attack wasn’t sophisticated, the Internet Explorer software vulnerability it exploited to infiltrate Google was… If the security hole in Internet Explorer was the smoking gun of the attacks, what Ollmann and his researchers looked at was “the occupants and driver of the getaway van,” he said. They analyzed the global network of computers that attackers remotely used to deploy the attack, called a “botnet” — computers that, unbeknownst to owners, are taken over remotely and used to spread malicious software, or malware.

In related news, Google Argues That Chinese Censorship Was “Trade Dispute”:

A Google representative has announced that the web censorship policies adopted by China can be classified as ‘Trade Dispute’ as local companies benefit when the government restricts the operations of foreign companies.

At the beginning of the year, search engine Google had reported that the company was the target of a sophisticated cyber attack, in which cyber criminals hacked into the Gmail accounts of Chinese human rights activists.

Google had warned on its blog that the company will put a stop to its China operations if the Chinese government does not allow it to work in a censorship free environment as the cyber attack was traced back to China.

March 3, 2010 1:34 PM
Posted By: