TECHNOLOGY and COMMUNICATION

The recent cyber-attacks against Google have seen increasing visibility in the mainstream press.  Late last week there were widespread reports that Google would walk away from the largest global market for Internet services as a result of these attacks, which evidence shows are likely to be state-sponsored.  The US State Department as requested an "official explanation" of the hacking (cyberwar) activities.  But the initiative seems half-hearted at best.  This new violation comes at a time when there are already plenty of serious issues with China including Chinese human-rights offences, currency exchange rate, trade protectionism and U.S. arms sales to Taiwan.  However late yesterday the Shanghai bureau of Reuters reported that Google would not cease operations there, but sought negotiations with China over censorship issues and hacking activities http://www.reuters.com/article/idUSTRE60E0BC20100117 

A lesser known fact about these attacks on Google infrastructure is that in addition to the attempts to access the Gmail accounts of Chinese human-rights activists, these hacks have taken another equally sophisticated and highly targeted track.  Attempts to penetrate some of the largest companies in America's critical infrastructure, including Internet, finance, technology, media and chemical sectors.   This concerning fact begs several questions.  Among them are what should Google do to help prevent cyberattacks on Americas infrastructure?  What role, if any, should American Government play in preventing and/or responding to these events?  Does this indicate our entry into a time when corporate espionage is a much wider spread threat, requiring business and IT leaders to confront a new risk that maybe hard for most to believe, let alone quantify?  David Drummond, Chief Legal Counsel for Google has downplayed these events in his most recent blog post, stating "We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users." 

A fairly good report on the detail of these and related incidents can be found in a  Report to Congress by the U.S.-China Economic and Security Review Commission (see p. 163-), as well as additional related analysis prepared for the Commission, Nart Villeneuve's blog and this presentation on the GhostNet spying incident.

Whether we view this as simply a contuance of ever increasing sophistication and a cost of doing business in the digital age, or call this out as a much graver activity of Cyberwar aimed at weaking American Infrastructure, reamins open for debate.  In either case, this is an issue that requires those of us responsible for Information and Network Security to once again increase defensive capabilities and to call for broader pressures to be brought against the attackers.