Monday, January 18, 2010

Google Investigating Whether China Cyber-Attack was Inside Job

Google is investigating whether one or more employees may have helped facilitate a cyber-attack that the U.S. search giant said it was a victim of in mid-December.

Google, the world's most popular search engine, said last week it may pull out of the world's biggest Internet market by users after reporting it had been hit by a "sophisticated" cyber-attack on its network that resulted in theft of its intellectual property.

The sources, who are familiar with the situation, told Reuters that the attack, which targeted people who have access to specific parts of Google networks, may have been facilitated by people working in Google China's office.

"We're not commenting on rumor and speculation. This is an ongoing investigation, and we simply cannot comment on the details," a Google spokeswoman said.

Security analysts told Reuters the malicious software (malware) used in the Google attack was a modification of a Trojan called Hydraq. A Trojan is malware that, once inside a computer, allows someone unauthorized access. The sophistication in the attack was in knowing whom to attack, not the malware itself, the analysts said.

Local media, citing unnamed sources, reported that some Google China employees were denied access to internal networks after January 13, while some staff were put on leave and others transferred to different offices in Google's Asia Pacific operations. Google said it would not comment on its business operations.