Google, Citing Attack, Threatens to Exit China
By ANDREW JACOBS and MIGUEL HELFT
Copyright by The New York Times
Published: January 12, 2010
This article was reported by Andrew Jacobs, Miguel Helft and John Markoff and written by Mr. Jacobs.
http://www.nytimes.com/2010/01/13/world/asia/13beijing.html?th&emc=th
BEIJING — Google said Tuesday that it would stop cooperating with Chinese Internet censorship and consider shutting down its operations in the country altogether, citing assaults from hackers on its computer systems and China’s attempts to “limit free speech on the Web.”
The move, if followed through, would be a highly unusual rebuke of China by one of the largest and most admired technology companies, which had for years coveted China’s 300 million Web users.
Since arriving here in 2006 under an arrangement with the government that purged its Chinese search results of banned topics, Google has come under fire for abetting a system that increasingly restricts what citizens can read online.
Google linked its decision to sophisticated cyberattacks on its computer systems that it suspected originated in China and that were aimed, at least in part, at the Gmail user accounts of Chinese human rights activists.
Those attacks, which Google said took place last week, were directed at some 34 companies or entities, most of them in Silicon Valley, California, according to people with knowledge of Google’s investigation into the matter. The attackers may have succeeded in penetrating elaborate computer security systems and obtaining crucial corporate data and software source codes, though Google said it did not itself suffer losses of that kind.
While the scope of the hacking and the motivations and identities of the hackers remained uncertain, Google’s response amounted to an unambiguous repudiation of its own five-year courtship of the vast China market, which most major multinational companies consider crucial to their growth prospects. It is also likely to enrage the Chinese authorities, who deny that they censor the Internet and are accustomed to having major foreign companies adapt their practices to Chinese norms.
The company said it would try to negotiate a new arrangement to provide uncensored results on its search site, google.cn. But that is a highly unlikely prospect in a country that has the most sweeping Web filtering system in the world. Google said it would otherwise cease to run google.cn and would consider shutting its offices in China, where it employs some 700 people, many of them highly compensated software engineers, and has an estimated $300 million in annual revenue.
Google executives declined to discuss in detail their reasons for overturning their China strategy. But despite a costly investment, the company has a much smaller share of the search market here than it does in other major markets, commanding only about one in three searches by Chinese. The leader in searches, Baidu, is a Chinese-run company that enjoys a close relationship with the government.
Google executives have privately fretted for years that the company’s decision to censor the search results on google.cn, to filter out topics banned by Chinese censors, was out of sync with the company’s official motto, “Don’t be evil.”
“We have decided we are no longer willing to continue censoring our results on google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all,” David Drummond, senior vice president for corporate development and the chief legal officer, said in a statement.
Wenqi Gao, a spokesman for the Chinese Consulate in New York, said he did not see any problems with google.cn. “I want to reaffirm that China is committed to protecting the legitimate rights and interests of foreign companies in our country,” he said in a phone interview.
In China, search requests that include words like “Tiananmen Square massacre” or “Dalai Lama” come up blank. In recent months, the government has also blocked YouTube, Google’s video-sharing service.
While Google’s business in China is now small, analysts say that the country could soon become one of the most lucrative Internet and mobile markets, and a withdrawal would significantly reduce Google’s long-term growth.
“The consequences of not playing the China market could be very big for any company, but particularly for an Internet company that makes its money from advertising,” said David B. Yoffie, a Harvard Business School professor. Mr. Yoffie said advertising played an even bigger role in the Internet in China than it did in the United States. At the time of its arrival, the company said that it believed that the benefits of its presence in China outweighed the downside of being forced to censor some search results here, as it would provide more information and openness to Chinese citizens. The company, however, has repeatedly said that it would monitor restrictions in China.
Google’s announcement Tuesday drew praise from free speech and human rights advocates, many of whom had criticized the company in the past over its decision to enter the Chinese market despite censorship requirements.
“I think it’s both the right move and a brilliant one,” said Jonathan Zittrain, a legal scholar at Harvard’s Berkman Center for Internet and Society.
Rebecca MacKinnon, a fellow at the Open Space Institute and an expert on the Chinese Internet, said that Google had endured repeated harassment in recent months and that by having operations in China it potentially risked the security of its users in China. She said many Chinese dissidents used Gmail because its servers are hosted overseas and that it offered extra encryption.
“Unless they turn themselves into a Chinese company, Google could not win,” she said. “The company has clearly put its foot down and said enough is enough.”
In the past year, Google has been increasingly constricted by the Chinese government. In June, after briefly blocking access nationwide to its main search engine and other services like Gmail, the government forced the company to disable a function that lets the search engine suggest terms. At the time, the government said it was simply seeking to remove pornographic material from the company’s search engine results.
Some company executives suggested then that the campaign was a concerted effort to stain Google’s image. Since its entry into China, the company has steadily lost market share to Baidu.
Google called the attacks highly sophisticated. In the past, such electronic intrusions have either exploited the practice of “phishing,” to persuade unsuspecting users to allow their computers to be compromised, or exploited vulnerabilities in software programs permitting the attacks to gain control of systems remotely. Once they have taken over a target computer, it is possible to search for specific documents.
People familiar with the investigation into the attacks said they were aimed at source code repositories at high-tech companies. Source code is the original programmer’s instructions used to develop software programs and can provide both economic advantages as well as insight into potential security vulnerabilities.
In its public statement Google pointed to a United States government report prepared by the United States-China Economic and Security Review Commission in October and an investigation by Canadian researchers that revealed a vast electronic spying operation last March.
The Canadian researchers discovered that digital documents had been stolen via the Internet from hundreds of government and private organizations around the world from computer systems based in China.
Andrew Jacobs reported from Beijing, and Miguel Helft and John Markoff from San Francisco. David Barboza contributed reporting from Shanghai, and Jonathan Ansfield from Beijing.
In Rebuke of China, Focus Falls on Cybersecurity
By MIGUEL HELFT and JOHN MARKOFF
Copyright by The New York Times
Published: January 13, 2010
http://www.nytimes.com/2010/01/14/technology/14google.html?th=&adxnnl=1&emc=th&adxnnlx=1263495684-HaiFeBdwsVBEudNJnBL/Tg
SAN FRANCISCO — Even before Google threatened to pull out of China in response to an attack on its computer systems, the company was notifying activists whose e-mail accounts might have been compromised by hackers.
In a world where vast amounts of personal information stored online can quickly reveal a network of friends and associates, Google’s move to protect individuals from government surveillance required quick action. In early January, Tenzin Seldon, a 20-year-old Stanford student and Tibetan activist, was told by university officials to contact Google because her Gmail account had been hacked.
Ms. Seldon, the Indian-born daughter of Tibetan refugees, said she immediately contacted David Drummond, Google’s chief legal officer.
“David informed me that my account was hacked by someone in China,” Ms. Seldon said in a telephone interview. “They were concerned and asked whether they could see my laptop.”
Ms. Seldon immediately changed her password and became more careful of what she wrote. She also allowed Google to examine her personal computer at the company’s request. Google returned it this week, saying that while no viruses or malware had been detected, her account had indeed been entered surreptitiously.
Google confirmed Ms. Seldon’s account of events, but declined to say whether it had notified other activists who might have been victims of hacking.
Mr. Drummond said that an attack originating in China was aimed at its corporate infrastructure.
While the full scope of the attacks on Google and several dozen other companies remains unclear, the events set off immediate alarms in Washington, where the Obama administration has previously expressed concern about international computer security and attacks on Western companies.
Neither the sequence of events leading to Google’s decision nor the company’s ultimate goal in rebuking China is fully understood. But this was not the first time that the company had considered withdrawing from China, according to a former company executive. It had clashed repeatedly with Chinese officials over censorship demands, the executive said.
Google said on Tuesday that that in its investigation of the attacks on corporations, it found that the Gmail accounts of Chinese and Tibetan activists, like Ms. Seldon, had been compromised in separate attacks involving phishing and spyware.
Independent security researchers said that at least 34 corporations had been targets of the attacks originating in China.
Adobe, a software maker, said it had been the victim of an attack, but said that it did not know if it was linked to the hacking of Google. Some reports suggested that Yahoo had been a victim, but a person with knowledge said that Yahoo did not think that it been subject to the same attack as Google.
The decision by Google to draw a line and threaten to end its business operations in China brought attention to reports of Chinese high-technology espionage stretching back at least a decade. But despite Google’s suggestion that the hacking came from within China, it remained unclear who was responsible. Nevertheless, it presented the Obama administration with a problem of how to respond.
Google’s description of the attacks closely matches a vast surveillance system called Ghostnet that was reported in March by a group of Canadian researchers based at the Munk Center for International Studies at the University of Toronto. They found that an automated espionage system based in China was using targeted e-mail messages to compromise thousands of computers in hundreds of governmental organizations. In each case, after the computers were controlled by the attackers, they were able to scan for documents that were then stolen and transferred to a digital storage facility in China.
The researchers stopped short of directly accusing the Chinese government of masterminding the attacks. However, for years there have been reports of attacks planned by so-called patriotic hackers in China, and many American security specialists argue that these are simply irregular elements of the People’s Liberation Army. At the same time, hackers frequently use so-called false flag espionage or denial of service attacks to route their activities through the computers of a third country and hide their identity.
One of the Canadian researchers said that fellow computer security researchers suspected that the attack on Google and other recent intrusions relied on hackers sending booby-trapped documents that were stored in Adobe’s Acrobat Reader format, which then infect victims’ computers. This method was seen in a recent wave of attacks on the Dalai Lama’s computers. “We’ve seen a huge upsurge in attacks using Adobe Acrobat,” said Greg Walton, an editor at Information Warfare Monitor, a publication of the Canadian research group.
A spokeswoman for Adobe said the company was investigating the reports, but could not confirm that the Adobe software was linked to the most recent attacks.
For Google, the attacks appeared to have been the final straw in a series of confrontations with Chinese authorities.
Top Google executives, including the chief executive, Eric E. Schmidt, and the co-founders, Larry Page and Sergey Brin, were ambivalent about the decision to go into China in 2006, which involved agreeing to censor some search results on the company’s local search engine, according to a former executive with knowledge of the discussions. The resistance was strong from Mr. Brin, who had grown up in the Soviet Union.
But after discussions and internal lobbying from Chinese and Chinese-American employees inside Google, as well as some of the company’s sales executives, Google’s top executives came around. They were particularly swayed by the argument that even a censored version of Google’s search engine would provide Chinese people more access to information and help promote free expression in that country.
Once the decision was made, however, Google began expanding its operation in China, which it expected would grow to be one of the largest Internet markets. During Mr. Schmidt’s 2006 visit to China, shortly after Google introduced the company’s China-based search engine, Google.cn, he told reporters that it would be “arrogant” to try to change China’s censorship laws.
But repeated clashes with Chinese authorities caused Google to reconsider its decision on many occasions, the former executives said. Things almost collapsed in 2008, when Chinese government officials asked Google to censor results not only on Google.cn but also on Google.com. the company’s English-language search engine. Google refused, and after the 2008 Olympics, Chinese officials dropped the issue.
Google now says it thinks that its attempt to help bring openness to China has failed.
“We were looking at an environment that is more difficult than it was when we started,” Mr. Drummond said in an interview on Tuesday. “Far from our presence helping to open things up, it seems that things are getting tighter for open expression and freedom.”
Robert Gibbs, the White House press secretary, said Wednesday that the White House had been briefed by Google on the company’s decision. However, he declined to describe what actions the government might take in response to the claims of Chinese-directed Internet attacks.
“The recent cyberintrusion that Google attributes to China is troubling, and the federal government is looking into it,” said a White House spokesman, Nicholas Shapiro. He said that the president had stated that Internet freedom was a central human rights issue on a recent China trip. He also said that the president had made Internet security a national priority.
Gabriel Stricker, a Google spokesman, said Google’s decision to publicize the attacks was motivated in part by its desire to alert activists that their accounts could have been compromised.
The attacks present a challenge for the Obama administration, which last year debated the role of a federal Internet security adviser. The administration is grappling on how to balance stricter security controls and the freedom of technology companies to innovate.
Several Internet security specialists were quick to point out that a group within the White House led by Lawrence H. Summers, the national economic adviser, had pointed to Google in debates on the appointment as an example of an innovative Silicon Valley company that might be hamstrung by strict new Internet security restrictions.
“It’s ironic that the new economy folks at the White House were pushing back against faster movement on cybersecurity to protect companies like Google from stricter regulations,” said James Lewis, an Internet security specialist at the Center for Strategic and International Studies in Washington. Last year, Mr. Lewis led a bipartisan study calling for the creation of a strong Internet czar reporting directly to the president to combat a rash of new security threats.
The White House said on Tuesday that Howard A. Schmidt, a compromise candidate who was chosen last month to be the Internet security adviser, would not start in the position until later in the month.
Ashlee Vance contributed reporting from Mountain View, Calif., and Thom Shanker from Washington.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment