谷歌说中国黑客入侵用户帐户

VOA Chinese Report

谷歌说,中国电脑黑客入侵数百人的电子邮件帐户,其中包括美国高级官员、记者和中国政治活动人士。谷歌这个互联网巨头说,窃取谷歌电子邮件帐户用户密码的计划起源于中国东部济南市。谷歌没有披露哪些帐户被侵犯,但是白宫说,没有理由认为任何美国政府帐户遭到袭击。

谷歌说,黑客用一个叫做“钓鱼”的病毒获取信息。受害者在对看似来自朋友和其他可信来源的虚假信息作出回应时被引诱透露密码和其它信息。中国当局没有对此发表评论。

中国境内的黑客去年对谷歌发动了一场更加广泛的网络攻击。北京政府严格控制互联网内容,不让用户接收色情等所谓有害内容。但是人权组织谴责中国对亲反对派的活动人士进行审查。


AP News Report

Google says Chinese hackers broke into Gmail

AP

Hackers likely based in China tried to break into hundreds of Google mail accounts, including those of senior US government officials, Chinese activists and journalists, the Internet company said on June 1, 2011 The Chinese characters read “Welcome to the new home for Google searching in China”. – Reuters Photo
SAN FRANCISCO: Computer hackers in China broke into the Gmail accounts of several hundred people, including senior US government officials, military personnel and political activists, Google Inc. said Wednesday.

The attacks aren’t believed to be tied to a more sophisticated assault originating from China in late 2009 and early last year. That intrusion targeted the Google’s own security systems and triggered a high-profile battle with China’s Communist government over online censorship, which has made it more difficult for the company to do business in the world’s most populous country.

The latest duplicity appeared to rely on so-called ‘‘phishing’’ scams and other underhanded behavior that hackers frequently use to obtain passwords from people and websites that aren’t vigilant about protecting the information.

Google credited its own security measures for detecting and disrupting the intrusions. All the victims have been notified and their Gmail account secured, according to the company.

Google wouldn’t say what parts of the US government were targeted or whether any confidential information may have been contained in the breached Gmail accounts.

Besides senior government officials, other people whose Gmail accounts were violated included Chinese political activists, military personally, journalists and officials in other countries, mainly in South Korea.

Google traced the origin of the attacks to Jinan, China. That’s the home city of a vocational school whose computers were linked to the assault more than a year ago on Google’s computer systems, along with those of more than 20 other US companies.

That break-in prompted Google to move its Chinese-language search engine from mainland China so it wouldn’t have to edit its results to conform with the ruling party’s censorship rules.

The search engine is now based in Hong Kong, which has less stringent rules. Before the shift, the tensions escalated amid reports that the Chinese government escalated amid reports that had at least an indirect hand in the 2009 and 2010 hacking attacks, a possibility that Google didn’t rule out.


New York Times Report
Google Says Hackers in China Stole Gmail Passwords

SAN FRANCISCO — Google said Wednesday that hundreds of users of Gmail, its e-mail service, had been the targets of clandestine attacks apparently originating in China that were aimed at stealing their passwords and monitoring their e-mail.

In a blog post, the company said the victims included senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel and journalists.

It is the second time Google has pointed to an area of China as the source of an Internet intrusion. Its latest announcement is likely to further ratchet up the tension between the company and Chinese authorities.

On Thursday, the  Chinese government rejected suggestions that it was linked to the attack.

Last year, Google said it had traced a sophisticated invasion of its computer systems to people based in China. The accusation led to a rupture of the company’s relationship with China and a decision by Google not to cooperate with China’s censorship demands. As a result, Google decided to base its Chinese search engine in Hong Kong.

The more recent attacks were not as technically advanced, relying on a common technique known as phishing to trick users into handing over their passwords. But Google’s announcement was unusual in that it put a spotlight on the scale, apparent origins and carefully selected targets of a coordinated campaign to hijack e-mail accounts.

Google said that once the intruders had logged into the accounts, they could change settings for mail forwarding so that copies of messages would be sent to another address. The company said it had “disrupted” the campaign and had notified the victims as well as government agencies. Executives at Google declined to comment beyond the blog post. The company recommended that Gmail users take additional security steps, like using a Google service known as two-step verification, to make it more difficult to compromise their e-mail accounts. But it emphasized that the password thefts were not the result of a general security problem with Gmail.

The Chinese Foreign Ministry said  Thursday  that it “cannot accept” accusations that China was behind the hackers who tried to break into hundreds of  Google e-mail accounts, Reuters reported from Beijing.

 “Blaming these misdeeds on China is  unacceptable,” Hong Lei, a ministry  spokesman,  told a regular news briefing, according to Reuters.   “Hacking is  an international problem and China is  also a victim. The claims of so-called  support for hacking are completely unfounded and have ulterior motives.”

Google acknowledged that it had been alerted to the problem in part by Mila Parkour, a security researcher in Washington who posted evidence of a type of phishing attack on her blog in February. She documented examples of what has recently been described as a “man-in-the-mailbox” attack, in which the intruder uses the account of one victim and his e-mail contacts to gain the trust of a new victim.

Ms. Parkour wrote that the method used in this attack “is far from being new or sophisticated,” but that she was posting information about it because of “the particularly invasive approach of the attack.”

She highlighted a fake document titled “Draft US-China Joint Statement” that was circulated among people with e-mail accounts at the State Department, the Defense Department, the Defense Intelligence Agency and Gmail. Clicking to download the document directed users instead to a fake Gmail log-in page that captured their passwords.

Caitlin Hayden, a spokeswoman for the National Security Council, said the White House was looking into the matter.

“We have no reason to believe that any official U.S. government e-mail accounts were accessed,” Ms. Hayden said in an e-mail.

Google said the attacks apparently originated in Jinan, a provincial capital in eastern China. The city is a regional command center for the Chinese military, one of seven in the country. It is also home to the Lanxiang Vocational School, which was founded with military support. Last year, investigators looking into the attack on Google’s systems said they had traced some of the hacking activity back to the school.

At the time, government and school officials strongly denied any connection with the attack, and China’s foreign ministry said linking the Chinese authorities to such attacks was “baseless, highly irresponsible and hype with ulterior motives.”

That earlier attack appeared to be aimed at gathering information on human rights activists who were involved in political campaigns aimed at China. It was part of a wave of attacks that hit a range of American companies beginning in mid-2009 and that was first publicly disclosed by Google in January 2010.

Chinese government media officials were not immediately available to comment on Google’s latest announcement.

Rafal Rohozinski, a network security specialist at the SecDev Group in Ottawa, said it was impossible to lay blame for the campaign on the Chinese government with any certainty. Because of the borderless nature of the Internet, it is easy for intruders to connect through a series of countries to mask their identities. “The fact that someone is harvesting Gmail credentials is not surprising,” Mr. Rohozinski said.

This year, the Chinese government has stepped up its controls over the Internet within the country, with increased scrutiny of news and blog sites, particularly in the wake of political upheaval in North Africa and the Middle East.

The government has also apparently crippled some virtual private network services, or VPNs, which have been used by Chinese and expatriates to gain access to corporate e-mail or get around controls that block many Web sites from being entered in China, like YouTube, Facebook and Twitter.

Security specialists said the Google warning to users was an indication that efforts to place the responsibility for Internet security on individuals was failing.

“I think this is impossible to solve by going to one user at a time and trying to teach them how to behave on the Internet,” said Nir Zuck, founder and chief technology officer of Palo Alto Networks. “It doesn’t matter how much education you put into it — you will always have end users that will make a mistake.”

John Markoff reported from San Francisco and David Barboza from Shanghai.


BBC Report

China rejects Gmail spying claims

Google said the cyber-spying campaign targeted Gmail accounts of US officials and journalists.
 
A foreign ministry spokesman said it was "unacceptable" to blame China.

Google has not blamed the Chinese government directly, but says the hacking campaign originated in Jinan.

The US company said its security was not breached but indicated individuals' passwords were obtained through fraud.

Google said Chinese political activists and officials in other Asian countries were also targeted from the Shandong city, which is 400 km (250 miles) south of Beijing.

The White House said it was investigating the reports but did not believe official US government e-mail accounts had been breached.

Safety tips
 
It is extremely difficult for analysts to determine whether governments or individuals are responsible for such attacks, says the BBC's Adam Brookes in Washington.

But the fact that the victims were people with access to sensitive - even secret - information raises the possibility that this was cyber-espionage rather than cyber-crime, adds our correspondent.

"Hacking is an international problem and China is also a victim. The claims of so-called support for hacking are completely unfounded and have ulterior motives."

On Wednesday, Google said it had "detected and has disrupted" a campaign to take users' passwords and monitor their emails.

"We have notified victims and secured their accounts," said the company. "In addition, we have notified relevant government authorities."

The e-mail scam uses a practice known as "spear phishing" in which specific e-mail users are tricked into divulging their login credentials to a web page that resembles Google's Gmail web service (or which appears related to the target's work) but is in fact run by hackers.

Having obtained the user's e-mail login and password, the hackers then tell Gmail's service to forward incoming e-mail to another account set up by the hacker.

In an advisory message released on Wednesday, Google recommends several steps for users to take to improve the security of Google products:

Enable two-step verification, such as using a mobile phone to which Google sends a second password to enter on sign-in

Use a strong password (mix of letters and numbers, avoiding family names, birth dates etc) for Google that you do not use elsewhere. Here's a video to help.

Enter your password only into a proper sign-in prompt on a https://www.google.com domain.

Check your Gmail settings for suspicious forwarding addresses or delegated accounts.



author:   美国之音:      source:  :    last updated:  06/02/11