China reponds to hacking claims

China has responded to hacking claims made by Google, claiming that foreign internet firms are welcome to do business "according to the law".

According to BBC News, a statement from Foreign Ministry spokeswoman Jiang Yu said: “China like other countries administers the internet according to law. China's internet is open and the Chinese government encourages development of the internet.”

She also said that "Chinese law proscribes any form of hacking activity", but did not make any direct reference to Google.

Reuters has reported that Wang Chen, a minister of the State Council Information Office, warned against pornography, cyber attacks, online fraud and "rumours" in an online statement. He said that government and internet media have a responsibility to shape public opinion.

Google has said that it may pull out of the Chinese market and close down its Chinese search engine Google.cn after it made allegations of hacking, cyber attacks and failure to allow freedom of speech.

Amichai Shulman, CTO of Imperva, suspected that the intention of the attack was Chinese hackers trying to gain access to Google internal databases to pull passwords.

Shulman said: “We can presume that Google determined that the attackers were after civil rights activists from queries that the hackers tried to run on the databases containing the activists' user names. Google probably discovered the issue through audit trails when they examined the infiltrated databases.

“How did they infiltrate to Google systems in the first place? We can only speculate. The likely attack methods were sending mail containing malware to Google employees or through a vulnerability in Google's web servers."

Tom Kelchner, research office manager at Sunbelt Software, claimed that Google had been steadily losing market share to the Chinese government search site Baidu.

He said: “Google has the concept of free access to information in its very source code. The entire point of an internet search engine is to provide access to any information that a user goes looking for. To put this further in perspective, China is a very big place. There are more internet users in China than there are people in the US. That's a lot of people to control whether by a democratic or non-democratic system.

“What's the point for computer security? The attacks were based on a known vulnerability (Adobe PDF hole) that had a known workaround. The technique – spear phishing – has been around for years. Somebody in China just went after the low-hanging fruit.”

See original article on scmagazineus.com