In a shocking announcement, Wednesday, Google said Chinese hackers have hacked into hundreds of Gmail accounts of senior US and South Korean government officials, military personnel, and Chinese political activists and journalists through a carefully targeted and sustained phishing scam.
The Internet search engine giant said, Wednesday, in a blog that the concerted attack originated from Jinan, the capital of Shandong province in China.
The hackers, Google said, tried to gain control over user's accounts but the breach was detected and disrupted on time. There are over 200 million Gmail users in the world.
We have notified victims and secured their accounts. In addition, we have notified relevant government authorities. We believe that this campaign to steal users' passwords originated from Jinan, China. We can't say for sure who is responsible, a Google spokesman said.
The company said it detected the phishing campaign through its internal security systems, through the reports from users, and through a report published in February on the Contagio blog, a collection of malware samples and threat analysis.
In a blog post, Google has suggested some tips to Gmail users on protecting themselves against phishing scams. The company told them to take steps to improve your online security so that you can experience all that the Internet offers - while also protecting your data. The company tips that Gmail users begin using a two-step verification process that requires users enter a code sent to their phone after they have entered their password. It also tips Gmail users to check their forwarding and access settings, be on alert for suspicious activity warnings in Gmail.
Though there is no direct evidence that the Chinese government is involved, Google has not ruled out the possibility that the hacking attack was state-sponsored as the sophisticated, brazen and targeted nature of the attacks and their targeted indicate that financial gain was not the primary motive. An Internet security expert said this could be a case of cyber espionage and not cyber crime.
Google said its own systems were not hacked this time. These account hijackings were not the result of a security problem with Gmail itself, the company said. In 2009, government-sanctioned Chinese hackers breached Google's systems and gained access to highly sensitive codes that resulted in the loss of significant intellectual property.
The Chinese government did not comment on the latest attack but in the past it has vehemently denied any involvement in hacking foreign countries' systems.
However, Google is not convinced. The company said Gmail users were being targeted in a spear phishing campaign, in which emails are crafted in such a way so that it is relevant to the targeted victims. These emails, often appearing to come from legitimate associates, friends or organizations, contain malware, which are activated when clicked on, or fake links, which lure the user into giving out their email id/password and other personal information.
For instance, one phishing email had subject line Fw: Draft US-China Joint Statement and contained the text: This is the latest version of State's joint statement. My understanding is that State put in placeholder econ language and am happy to have us fill in but in their rush to get a cleared version from the WH, they sent the attached to Mike.
The White House said it is looking into the matter though it feels US government email accounts were not compromised. An FBI official said the agency is working with Google to investigate the breach.
In the past, hackers, who have broken into financial companies like Morgan Stanley and global oil companies, have been traced to China. Last month Microsoft said it had patched a Web programming bug in its Hotmail service that allowed hackers to break into e-mail accounts. Last week, Lockheed said its computer network was breached by hackers. The source of hacking was traced to China.
The latest hack attack is going to leave the Chinese government red-faced even if it is not involved. Last year, Google had accused Beijing of being the Great Firewall of China because of the latter's tight controls over online content. It also complained that the Chinese government had targeted the accounts of Chinese human rights activists. China reacted by saying it was totally wrong to stop censorship. The spat led Google to base its Chinese-language search engine Google.cn in Hong Kong.
Later, the two sides called an uneasy truce after China threatened to stop Google's services in the world's largest Internet market by users.