Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.
First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.
Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.
Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.
We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve’s blog and this presentation on the GhostNet spying incident.
We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China’s economic reform programs and its citizens’ entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.
We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China."
These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.
The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.
Posted by David Drummond, SVP, Corporate Development and Chief Legal Officer
译文:
与其他很多著名组织一样,我们经常会碰到各种各样的网络攻击。去年12月中旬,我们检测到一次来自中国的,对我们集团网络设备高度精密和有针对性的网络攻击,在此次攻击中,谷歌公司的知识产权遭到窃取。我们很快就查清这并非只是一场单纯的安全事件。
首先,此次攻击并非仅仅针对谷歌。我们在调查中发现,至少有其他20家大型公司也成为了类似的攻击目标,这些公司所在的行业分布广泛—包括互联网、金融、科技、媒体和化工行业。我们目前正在通知这些公司,并与美国有关部门携手展开调查。
第二,我们有证据表明攻击者的主要目标是入侵中国人权活动者的Gmail邮箱账户。根据我们掌握的调查数据,我们确信他们的攻击还未能达此目的。只有两个 Gmail账户有被侵入过的迹象,而入侵者的活动范围也仅限于账户信息(如账户创建时的数据)和邮件主题,而不是邮件内容。
第三,我们在对谷歌案件的调查中发现,有很多拥护人权活动,注册地在美国、中国和欧洲的Gmail邮箱账户似乎经常受到第三方侵入。入侵者并非是通过Google的安全漏洞进行攻击,而极有可能是通过在用户的电脑内植入钓鱼网页或是恶意软件来达到目的。
我们已经利用从这次攻击中所获取的资料,改善基础设施及架构,提高谷歌及我们用户的安全。从个人用户来说,我们我们建议他们在自己的电脑上安装信誉好的反病毒和反间谍软件程序,给他们的操作系统安装补丁,并更新所使用的网络浏览器。在点击即时信息和电子邮件的链接时,或要求在线提供个人密码等个人资料时,要保持警惕。在这里,你能够阅读到更多我们所提出的关于电子安全方面的建议。如果希望获得更多关于这种类型攻击情况,请阅读美国政府的这份报告(PDF)。
2006年1月,虽然我们对一些搜索结果将受到审查而感到不适,但为了加强与中国用户的联系以及建立一个更为开放的互联网环境,我们还是发布了 Google.cn。从发布之日起我们就有着明确的运营思路—我们将仔细审视中国的运营环境,包括新法律的发布以及对我们所服务领域的其他规定。如果我们认为我们无法取得既定目标,我们将毫不犹豫的重新考虑我们在中国的发展策略。
这些未经报道的攻击和监视,以及过去几年来政府试图进一步限制互联网上的言论自由已使我们得出结论,我们应重新审视我们在中国的业务运营。我们已决定我们将不再继续审查Google.cn上的搜索结果,且如有可能的话,未来几周内我们将与中国政府就我们是否可以依法运营一个未经过滤的搜索引擎展开讨论。我们认识到这可能意味着我们不得不关闭Google.cn,并有可能关闭我们设在中国的办公部门。
本文来源于誰的米(cderme) http://www.cderme.com , 原文地址: http://www.cderme.com/3173.html