NOTE: FOR ONGOING COVERAGE OF THIS AND OTHER GOOGLE TOPICS, PLEASE VISIT MY WEB SITE.
RichardLBrandt.com
Big news from Google today. It has been detecting cyber attacks from China and a theft of "intellectual property." Google executives are so pissed off that they have decided to stop their self-censorship and to do as they promised several years ago and re-evaluate whether it will remain there at all. It is highly likely it will not, because China will never accept an uncensored search engine.
There are several things to say about this.
How much data was stolen?
First, exactly how big were the attacks, and what data may have been compromised either at Google or at the other companies where Google detected attacks?
The announcement of the attacks in the Google blog says there was "theft of intellectual property from Google." The only thing it mentions is that a little info about the creation of Gmail accounts, such as the dates they were created and subject line, was compromised. Did the attackers get any other intellectual property from Google besides this info?
A Google spokesperson tells me, "So far we don't have any evidence of anything else" being taken. But phrase "so far" means they could still find more later. Also, the spokesperson says Google does not know what, if anything, may have been taken from or compromised at any of the other companies where it detected the attacks.
Should Google get rid of data sooner to protect privacy?
This shows that data is vulnerable, even when protected with Google's sophisticated safeguards. Google keeps data for nine months, but privacy and human rights advocates say it should be less and will certainly point to this example as a reason to cut the retention time.
But there's a dilemma here. On one hand, reducing the time information is kept would reduce the amount of vulnerable info.
But on the other, Google's retained data may have helped it discover the attack.
In an interview for my book on Google, I discussed both China and privacy issues with Google lawyer Nicole Wong. We discussed why Google keeps personal information for nine months. She spoke primarily of "denial of service" attacks, but it should apply to others. According to Wong:
"The fact of the matter is that the person successfully attacking us today has probably been trying for two years. So when we go back into the logs for a substantial amount of time, we're able to detect the pattern we have today."
Wong said that's one of the reasons they do not want to get rid of data any sooner -- that nine months is already a compromise. 18 months would be better.
Analyzing whatever data Google and the other companies have retained will now better equip them to better prevent similar attacks in the future. This debate will only intensify.
Were Microsoft and Yahoo also attacked? Who else?
Who were the other companies attacked? Google says it detected at least 20 other companies were similarly attacked, and the New York Times hears from experts that the number may be 34. Google, of course, would never reveal the names of the other companies it informed of the attacks, but it says:
"a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted."
It would make sense that they were companies doing business in China. Companies with similar services at Google -- search engines and email systems -- seem obvious choices. Microsoft, Yahoo, Baidu? (But those are just guesses.) How safe is the info at any company doing business in China?
Will any of the other companies that were attacked admit it? Google's stock dropped 1.77% today. Because of this news? Will other companies risk taking the hit? Is anyone else willing to leave China as a result.
I'll give you a hint on that one: No.
Did the Chinese government do it?
This was a sophisticated, well-funded attack. The New York Times says that servers in Taiwan and Texas appear to have been involved. Google's description of some of the attacks -- "highly sophisticated", "at least twenty other companies" targeted, the "primary goal" being trying to get info about "Chinese human rights activists" -- certainly suggests this was an attack by the Chinese government. Somebody had a lot of technology, time and money to do this. The New York Times thinks so:
"Google did not publicly link the Chinese government to the cyber attack, but people with knowledge of Google’s investigation said they had enough evidence to justify its actions."
The U.S. government has to be investigating this as well. Another guess.
Google is pissed!
One thing is for sure. Google management -- and particularly Sergey Brin, who has always had misgivings about the decision to enter China -- are really pissed. The attacks tipped the debate in favor of withdrawing. Now I wonder if other companies will follow suit.
I'll give you a hint on that one also: See above.
Recent Comments