
Call off the search?

January 25, 2010

Short of accusing the Chinese Government of being
responsible, Google believes the attacks in China are deliberate.
R.K. Raghavan
The Hindu, Business Line
January 25, 2010

After years of meek submission to Chinese
authorities, Internet search engine giant Google
has at last chosen to flex its muscle. Having all
along soft-pedalled the continuous slight to its
commitment to freedom in cyberspace, it has now
announced that it will hereafter turn down
requests for censorship received from the Chinese
government, and may even decide totally to pull
out of the country. Whether this is mere bravado
– a revenue of $300,000-400,000 annually from
Internet users is at stake – or a serious
expression of displeasure is not clear. This
astonishing display of guts is a sequel to the
discovery that many accounts of its customers,
especially those known to be human rights
activists, had been recently hacked. Almost
simultaneous to this, many foreign journalists
based in Beijing have also complained of a
similar break-in of their own Google accounts. As
many as 34 companies – including Yahoo!, Adobe
and Symantec – have also spoken of their systems
being vandalised. Incidentally, the former
National Security Adviser M. K. Narayanan, a few
days before laying down office had confirmed news
of attempts by unknown elements recently to pry
into the systems in the Prime Minister's office.
All these happenings may or may not be connected.
The coincidences are too overwhelming to be ignored.

Google believes the attacks in China were
deliberate. Short of accusing the Chinese
Government of being responsible, it has more than
hinted that the former had a hand in the episode.
The attacks are believed to have originated in
China, although, as in the case of many instances
of hacking, there is no conclusive evidence to
establish the aggressor's identity or his
location. It has become annoyingly customary for
experts to label each attack as more
sophisticated than the ones seen before. Comments
on the latest happenings have been no different.

One official of the VeriSign iDefence Labs, a
Silicon Valley investigative company, has gone on
record to say that in the instant outrage,
instead of one type of malicious code, several
were used by the aggressor against multiple
targets. The modus operandi was the one normally
associated with phishing. The damage is
invariably caused by opening an innocuous-looking
mail, ostensibly originating from a person known
to the victim, although, in fact, the mail had
come from a total stranger. There was also a
discernible pattern in the recent intrusions.
Targets were mainly companies engaged in
strategic industries such as defence, an area in
which the Chinese are said to be generally
lagging behind the Western world. The objective
seems to have been one of collecting information
on new weapons systems. According to Google, the
attack was facilitated not by any breach or flaw
in its own systems, but by means of spying and eavesdropping.

It was not as if foreign firms operating in China
were unaware of the risks they faced from
hacking. In fact, many of them had taken special
precautions, such as use of FAX, voice
communication and virtual private networks. If
some unethical elements had still managed to
break in, it showed remarkable planning and
ingenuity. One malware specialist, Joe Stewart of
SecureWorks in Atlanta, alleges that the main
program used in the attack ‘contained a module
based on an unusual algorithm from a Chinese
technical paper published exclusively on
Chinese-language Web sites.’ Another theory is
that it was a Trojan horse that was the main
source of mischief. According to one bizarre
analysis, the Chinese had possibly been framed in
this case by a foreign government agency which
had managed to place the clue in a program that
was used. There are, however, not many buyers for this conjecture.

Of all the systems breached, it is only in
respect of Adobe that we have reasonably
meaningful information enabling us to draw some
conclusions. Both Adobe Acrobat and Reader
software are popular the world over. About 95 per
cent of the machines in the world carry Adobe
software. The company's Flash technology, which
helps to present multimedia content on the Web
and mobile phones, is only slightly less used.
Its ubiquity alone makes Adobe vulnerable. A
Canadian researcher believes that the recent
attacks were greatly facilitated by booby-trapped
documents sent by hackers to sit on Adobe Acrobat
Reader. This speculation derives some strength
from the fact that many of the Dalai Lama's
computers were recently attacked by this means.

This is the traditional problem of investigating
computer attacks. There are numerous speculations
triggered by such attacks, none of which can be
readily endorsed or dismissed arbitrarily. The
ease with which an aggressor can mask his
identity is the greatest facilitator of cyber
crime, unless he has been dumb enough to leave
behind non-cyber physical clues that can be
picked up even in mundane police investigation.
This is what has worried overseas corporations
wanting to set up business units in China. Risks
of violation of privacy and confidentiality while
doing business in China seem to be escalating by
the day with the government in the country far
from being contrite. If Google's decision to pull
out of China is in fact carried through, US
relations with that country are likely to become strained.

One direct consequence of the hacking suffered by
Google is the latter's decision to upgrade its
mail security. Google mail now moves from http://
to https:// mode. This means that all messages
passing through Google will be encrypted during
their transmission. In the past only login details were so protected.

What do the happenings at Google mean to us in
India, especially in the context of the previous
NSA's admission that we were one major target?
Firstly, threats to cyberspace are real and have
ceased to be theoretical. Secondly, facing such threats
requires solid knowledge on how to combat an
attack. Responding to cyber attacks requires
ingenuity and knowledge of cyber security. Most
of all, the fight against cyber attacks needs
to be coordinated at one single point. At
present, too many agencies in the country are
dealing with the problem. This has to change. It
is anybody's guess what the Union Home Minister,
who is impatient with red tape, will want to do
to ensure this. Can this task move to the Home
Ministry from the IT Ministry which runs the
Computer Emergency Response Team (CERT)? A lot
will depend on what Chidambaram wants to do.