Google threatens to leave China after attacks on activists' e-mail

A Google executive said, " "We recognize that this may well mean having to shut down and potentially our offices in China."
A Google executive said, " "We recognize that this may well mean having to shut down and potentially our offices in China." (AP)
By Ellen Nakashima, Steven Mufson and John Pomfret
Washington Post Staff Writers
Wednesday, January 13, 2010

Google said Tuesday that it may pull out of China because of a sophisticated computer network attack originating there and targeting its e-mail service and corporate infrastructure, a threat that could rattle U.S.-China relations, as well as China's business community.

The company said it has evidence to suggest that "a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists," but it said that at least 20 other large companies, including finance, media and chemical firms, have been the targets of similar attacks. Google said it discovered the attack in December.

"It's clear that this attack was so pervasive and so essential to the core of Google's intellectual property that only in such a situation would they contemplate pulling the plug on their entire business model in China," said James Mulvenon, a China cyber expert with Defense Group Inc.

Congressional sources said the other companies include Adobe and possibly Northrop Grumman and Dow Chemical. Industry sources said the attacks were even broader, affecting 34 firms.

The hackers directed the attacks on the companies through six Internet addresses linked to servers in Taiwan, which sent commands to targeted computers in the firms, said Eli Jellenc, head of international cyberintelligence for the Silicon Valley-based cybersecurity research and forensics firm Verisign iDefense, which is helping companies investigate the penetrations. The hackers were sending the data to a large Internet data center in San Antonio called Rackspace, he said.

They appeared to be after information on weapons systems from defense firms and were seeking companies' "source code," the most valuable form of intellectual property because it underlies the firms' computer applications, he said.

U.S. authorities, including the National Security Agency, are involved in investigating the attacks.

Several of the Internet addresses correspond to those used in malicious attacks against the defense industry last year and that are thought to be linked in some fashion to the Chinese government or proxies, Jellenc said.

David Drummond, Google's senior vice president and chief legal officer, said the attacks had led the company to conclude that it should "review the feasibility" of its Chinese operations. "We recognize that this may well mean having to shut down, and potentially our offices in China," he said.

Drummond also said that the company has decided to stop censoring its search results on Chinese Google sites. Over the next few weeks, he said, the company will discuss with the Beijing government how it may operate "an unfiltered search engine within the law, if at all."

Google's threat to pull out of China follows years of tension over the company's service, which is designed to provide quick, unfettered access to information, and over the Chinese government, which wants to restrict its citizens' access to politically sensitive topics and to monitor their activity. The confrontation also comes just before a Jan. 21 policy speech on Internet freedom by Secretary of State Hillary Rodham Clinton, who dined last week with a handful of top technology executives, including Google's chief executive, Eric Schmidt.

Clinton said Google had briefed her on the issue, but in a statement late Tuesday she demanded an explanation from China. "The ability to operate with confidence in cyberspace is critical in a modern society and economy," she said.

CONTINUED     1           >

© 2010 The Washington Post Company