Google Inc.’s discovery of an attempt to steal passwords from Gmail users, which may have originated in China, is being reviewed by the U.S. State Department and Federal Bureau of Investigation.
The U.S. was notified this week and is looking into the allegations, Secretary of State Hillary Clinton said. The FBI is working with Google to review the matter, said Jenny Shearer, a bureau spokeswoman. The attacks likely targeted hundreds of Gmail users, including U.S. government officials. China’s foreign ministry said yesterday that any suggestion the government is behind the attack would be a “fabrication.”
“We are obviously very concerned about Google’s announcement about a campaign that the company believes originated in China,” Clinton said yesterday at the State Department. “These allegations are very serious. We take them very seriously.”
The campaign against Gmail users, announced this week in a company blog post, is stirring up concerns about cyber security and the role of China, home to the world’s largest Internet market. Google’s challenges in China were highlighted last year, when the company said it was the victim of attacks against its systems that originated there, and decided it would no longer censor results on its search engine, forcing it to shutter the service.
Google, based in Mountain View, California, didn’t say who was responsible for the latest cyber attacks. The company said the effort appeared to have been based in Jinan, China.
The FBI is coordinating the U.S. investigation, White House Press Secretary Jay Carney said yesterday. There is no evidence that official government e-mail accounts were compromised, he said.
Blaming China for the hacking of Google’s customer accounts is “unacceptable,” Foreign Ministry spokesman Hong Lei said. The government “disapproves” of hacking activities, and punishes them, he said.
Any suggestions that the Chinese government is behind the hackings at Google are “a fabrication” and have “an ulterior motive,” Hong said.
In January 2010, Google said it was targeted by “highly sophisticated” attacks from inside China aimed at obtaining proprietary information, as well as personal data belonging to human-rights activists who use the Gmail service. The company later decided to escape local censorship rules by pointing users to its Hong Kong service. In March this year, the U.S. company accused the Chinese government of blocking Gmail.
The hackers in the recent case probably used a so-called phishing scam to collect passwords with the goal of monitoring e-mail content, Eric Grosse, engineering director on the Google Security Team, said in a blog post this week. The company said it detected and disrupted the campaign, secured users’ accounts and notified authorities.
“We believe that being open about these security issues helps users better protect their information online,” Grosse said on the blog.
Google’s internal systems weren’t affected, and the attempts didn’t involve a security problem with Gmail, Grosse said.
Phishing scams typically involve tricking users into sharing passwords that can then be used to obtain information. While most of these kinds of attacks aren’t very targeted, these “hijackings” went after senior U.S. government officials, Chinese political activists, officials in several Asian countries, military personnel and journalists.
“A lot of this goes on internationally,” said Christopher McNally, a fellow and political economist at the East-West Center in Honolulu. “In most situations, it’s certain rogue organizations or even individuals that are doing it for profit.”
Users should protect themselves by adopting such safeguards as multistep verifications for their accounts, strong passwords and checking for suspicious forwarding addresses, Grosse said.
Google rose $2.46 to $528.06 at 4 p.m. New York time on the Nasdaq Stock Market. The shares have declined 11 percent this year.