2011年6月3日 星期五

Google, what exactly is the China connection for the phishing scare?

When Google said yesterday that Jinan, China is the apparent origin of a worrying phishing attack against hundreds of people, including U.S government officials and Chinese human rights activists, it ignored at least two other attack sources referred by the expert who first called attention to that very attack.

The question is why Google homed in on Jinan (a city whose name is politically charged because it is a regional command center for China?s military, the People?s Liberation Army) and left out some other potential sources, which a key expert says included Korea and New York.

Jinan is also home to the Lanxiang Vocational School, which was the alleged source of a more serious cyberattack on Google in 2009, in which the attackers spied on human rights activists and which forced Google to pull out of China ? this coming after years of tension-filled negotiations between Google and China to find a way to get along. So of course, when Google pinpoints Jinan as the apparent source, and provides no further back-up to its allegations, the assumption is �that Google either thinks, or at least wants others to think, that this all stems from the same Chinese foes of the past, and maybe even from the Chinese government.

Now, Google didn?t say it was orchestrated by Beijing, but you can see why the Chinese government thinks it?s being singled out.

The truth is, we just don?t know why Google has focused on Jinan. But in light of the political sensitivity, it would be in Google?s interest to offer more details, if only to shield the company from criticism that it is playing hardball against China for political reasons, and suspicion that it hasn?t nailed down enough facts to back its assertion that this came from China.

Here?s what we know: Mila Parkour, the Washington-based IT specialist at the security specialists Contagio Malware Dump who first spotted the attacks three months ago, and wrote about it here, documented a series of attacks from various locations. These also included Korea and New York.

This has some other experts asking questions, including Mary Landesman, a respected senior security researcher at Cisco. I called her up to ask her point of view of the attacks, and she pointed out that the Contagio documentation alone is not enough to pinpoint Jinan as the source.

By way of explanation, if someone sends a phishing attack through a Gmail account, that doesn?t mean that the attack originated from Mountain View, California (the home of Google, which owns Gmail), she said.

There?s a difference between tracking email headers and extracting origin, she added. Especially since the U.S government is taking such a keen interest in this (see Secretary of State Hilary Clinton?s tough words on this today, and given�recent report that the Pentagon may respond to cyber warfare with military force), it?s worth asking: Where?s the evidence?

Google isn?ting on the story right now beyond its original post, but we?ve checked in with our sources at the company, and they say Google is basing its Jinan reference on security intelligence gathered on its own. The company doesn?t want to reveal how this was done. Google?s post merely said it relied on ?user reports? as well the original Contagio report.

For now, we just don?t know, but because of the political ramifications, it sure would be helpful if Google were to reveal more facts.

Previous Story: With Facebook deal and more, OnLive shows off impressive momentum

Tags: China, cyber war, phishing

Companies: Google

Photo of Matt Marshall

About the Author, Matt Marshall

Matt Marshall is editor and CEO of VentureBeat. Follow him on Twitter at @mmarshall, and follow VentureBeat on Twitter at @venturebeat.

Source: http://venturebeat.com/2011/06/02/google-china-phishing-scare/

extenal hard drives alobe flash player att wirelsee at& t wireless

沒有留言:

張貼留言