In the wake of a massive cyber attack originating in China, Google has announced that it will stop censoring the Chinese version of its search engine. Consequently, Google may be forced to pull out of China. The NY Times reports: "Google said that a primary goal of the attackers was accessing the Gmail accounts of Chinese human right activists, but that the attack also targeted 20 other large companies in the finance, technology, media and chemical sectors."
This is a serious development, one that promises to have consequences that go far beyond Google and its operations in China.
If Google decides to leave China, Yahoo!, Microsoft, Apple, and other US tech companies will face immense pressure to follow suit. If this happens, why should Western governments make it easy for Chinese technology firms to have access to the West?
David Drummond, SVP, Corporate Development and Chief Legal Officer of Google, blogs about the incident. Drummond writes that in mid-December Google experienced a
highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.This is surely the most important statement anyone has made about human rights and free speech in a very long time. Google is to be congratulated for having done the right thing.
First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.
Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. . . .
Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.
. . . People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve's blog and this presentation on the GhostNet spying incident.
We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.