Threat Intelligence, Vulnerability Management

China to prosecute Google hackers if evidence shows

Updated on March 9

If evidence is presented that attacks on Google originated in China, authorities there said they will punish those responsible.

However, Chinese sources reportedly said they have yet to receive proof of charges that hackers based in China were responsible for the recent hacks incurred by Google, as well as some 30 other high-profile corporations.

According to an item posted Saturday by the Chinese state news agency Xinhua, Google has yet to file a report with the Ministry of Industry and Information Technology over the attacks.

“If Google has had evidence that the attacks came from China, the Chinese government will welcome them to provide the information and will severely punish the offenders according to the law,” Vice Minister Miao Wei said in the report.

The hacking incident inflamed an already adversarial situation for Google in China. Despite continuing negotiation with state authorities, Google has made public accusations and threatened to pull its business out of China rather than submit to increased censorship. Google CEO Eric Schmidt said in January that although the company was still censoring search results in China, it would be making changes in a "reasonably short time." Subsequently, in a move that might be said to defy Chinese conditions, Google said that it would cease censoring results on its China-based search engine.

This latest statement from Vice Minister Miao Wei, however, is seen by some as a gesture at some reconciliation.

“I won't speculate on the political reasons for the perceived softening,  Rene Head, global theater engagement manager, managed security services for Unisys, told SCMagazine late Monday. "However, there will most certainly be a measurable impact to both China and Google if Google decides or is legally forced to discontinue its business in China."
What is most interesting, said Head, is that the technology to identify the originating source and location of such malicious attacks is readily available in the market today, so Google's claim that they have identified the attackers is not unrealistic.

The cybercriminals who compromised systems at Google, Adobe and more than 30 other large companies used a previously unknown, zero-day Internet Explorer exploit as part of their arsenal to install data-stealing malware on target machines, researchers at McAfee revealed in January. In late February, the attacks were traced to two schools in China, though the Chinese government has refuted Google's claim that the hackers were based in China.

Google has struggled for market share in China, reportedly the world's largest online community with 384 million users as of the end of 2009. The Mountain View, Calif.-based company has an 85 percent share of the search engine market globally, but is a distant second (with a 20 percent share), behind Baidu (with a 75 percent share), in China.

"Google should plan to encounter multiple legal challenges no matter what they decide," Head said. "If it remains in China, it will be forced to continue supporting the censored version of Google already in China, or possibly face involuntary shutdown of their business there if the uncensored version is deemed illegal. That would mean a loss of the rich base of hungry internet users in China that is growing faster than in many other countries."

Last Friday, Minister of Industry and Information Technology Li Yizhong said China was in consultations with Google to resolve the hacking issue.

A spokesman at Google declined to comment Monday after a request by

"Whether or not China is perceived to have softened its position, Google and China both have much to gain if they can overcome the barriers to provide a secure and mutually acceptable service," said Head. "It is reasonable to expect Google to adhere to the laws of any country in which it conducts business, which ironically may actually endanger their ultimate responsibility – protecting its users and corporate information.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.