Like many other well-known organizations, we face cyber attacks of
varying degrees on a regular basis. In mid-December, we detected a
highly sophisticated and targeted attack on our corporate
infrastructure originating from China that resulted in the theft of
intellectual property from Google. However, it soon became clear
that what at first appeared to be solely a security
incident--albeit a significant one--was something quite different.
First, this attack was not just on Google. As part of our
investigation we have discovered that at least twenty other large
companies from a wide range of businesses--including the Internet,
finance, technology, media and chemical sectors--have been
similarly targeted. We are currently in the process of notifying
those companies, and we are also working with the relevant U.S.
authorities.
Second, we have evidence to suggest that a primary goal of the
attackers was accessing the Gmail accounts of Chinese human rights
activists. Based on our investigation to date we believe their
attack did not achieve that objective. Only two Gmail accounts
appear to have been accessed, and that activity was limited to
account information (such as the date the account was created) and
subject line, rather than the content of emails themselves.
Third, as part of this investigation but independent of the attack
on Google, we have discovered that the accounts of dozens of U.S.-,
China- and Europe-based Gmail users who are advocates of human
rights in China appear to have been routinely accessed by third
parties. These accounts have not been accessed through any security
breach at Google, but most likely via phishing scams or malware
placed on the users' computers.
We have already used information gained from this attack to make
infrastructure and architectural improvements that enhance security
for Google and for our users. In terms of individual users, we
would advise people to deploy reputable anti-virus and anti-spyware
programs on their computers, to install patches for their operating
systems and to update their web browsers. Always be cautious when
clicking on links appearing in instant messages and emails, or when
asked to share personal information like passwords online. You can
read more here about our cyber-security recommendations. People wanting to learn
more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve's blog and this presentation on the GhostNet spying incident.
We have taken the unusual step of sharing information about these
attacks with a broad audience not just because of the security and
human rights implications of what we have unearthed, but also
because this information goes to the heart of a much bigger global
debate about freedom of speech. In the last two decades, China's
economic reform programs and its citizens' entrepreneurial flair
have lifted hundreds of millions of Chinese people out of poverty.
Indeed, this great nation is at the heart of much economic progress
and development in the world today.
We launched Google.cn in January 2006 in the belief that the
benefits of increased access to information for people in China and
a more open Internet outweighed our discomfort in agreeing to
censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new
laws and other restrictions on our services. If we determine that
we are unable to achieve the objectives outlined we will not
hesitate to reconsider our approach to China."
These attacks and the surveillance they have uncovered--combined
with the attempts over the past year to further limit free speech
on the web--have led us to conclude that we should review the
feasibility of our business operations in China. We have decided we
are no longer willing to continue censoring our results on
Google.cn, and so over the next few weeks we will be discussing
with the Chinese government the basis on which we could operate an
unfiltered search engine within the law, if at all. We recognize
that this may well mean having to shut down Google.cn, and
potentially our offices in China.
The decision to review our business operations in China has been
incredibly hard, and we know that it will have potentially
far-reaching consequences. We want to make clear that this move was
driven by our executives in the United States, without the
knowledge or involvement of our employees in China who have worked
incredibly hard to make Google.cn the success it is today. We are
committed to working responsibly to resolve the very difficult
issues raised.
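Posted by David Drummond, Senior Vice President, Corporate Development and Chief Legal Officer
Note: the original post at http://googleblog.blogspot.com/2010/01/new-approach-to-china.html can no longer be accessed.
This post: http://opensource.csdn.net/bbs/thread/3692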