* Latest hacking targeted U.S. officials, among others
* Detected and disrupted; victims and governments informed
* White House, FBI investigating Google's claim
(Adds analysts' comment)
By Alexei Oreskovic and Edwin Chan
SAN FRANCISCO/LOS ANGELES, June 1 Hackers
likely based in China tried to break into hundreds of Google
mail accounts, including those of senior U.S. government
officials, Chinese activists and journalists, the Internet
company said on Wednesday.
The unknown perpetrators, who appeared to originate from
Jinan in Shandong province, recently tried to crack and monitor
email accounts by stealing passwords, but Google (GOOG.O) detected
and "disrupted" their campaign, the world's largest Web search
company said on its official blog.
The revelation comes more than a year after Google disclosed a
cyberattack on its systems that it said it traced to China, and
could further strain an already tense relationship between the Web
giant and Beijing.
That incident also triggered a highly charged debate over the
country's censorship and rigid control of the Internet. Google
eventually all but pulled out of the world's largest Internet
market by users.
"Investors would like to see Google figure out a way to
operate in China, and capitalize on the growth of the country,"
said Cowen and Co analyst Jim Friedland.
"It's been a tough relationship. And this highlights that it
continues to be a tough relationship," he said.
A U.S. government spokesman said it was looking into the
incident but declined further comment.
"We recently uncovered a campaign to collect user
passwords, likely through phishing," Google said in a post on
its corporate blog on Thursday. "The goal of this effort seems
to have been to monitor the contents of these users' emails."
It "affected what seem to be the personal Gmail accounts of
hundreds of users, including among others, senior U.S. government
officials, Chinese political activists, officials in several Asian
countries (predominantly South Korea), military personnel and
NO OFFICIALS TARGETED?
The events leading to Goggle's withdrawal from China
exacerbated an often difficult relationship between Washington
and Beijing, with disputes ranging from human rights to trade.
The attacks revealed Wednesday were also the latest
computer-based invasions directed at western companies. The United
States has warned that a cyberattack -- presumably if it is
devastating enough -- could result in real-world military
retaliation, although analysts say it could be difficult to detect
its origin with full accuracy. [ID:nN3135624]
Lockheed Martin Corp (LMT.N), the U.S. government's top
information technology provider, said last week it had thwarted "a
significant and tenacious attack" on its information systems
network, though no signs pointed to a Chinese origin.
The White House said it was investigating the claims, but
referred Reuters to law enforcement.
"We're looking into these reports and are seeking to gather
the facts," said White House spokesman Tommy Vietor. "We have
no reason to believe that any official U.S. Government email
accounts were accessed. I'd refer you to FBI for additional
FBI spokeswoman Jenny Shearer said: "We are aware of
Google's announcement regarding attempts to obtain passwords and
gain access to these accounts. We are working with Google to
review this matter."
Cyberattacks originating in China have become very common in
recent years, said Bruce Schneier, chief security technology
officer at telecommunications company BT.
"It's not just the Chinese government. It's independent
actors within China who are working with the tacit approval of the
government," he said.
While Google said last year's attack was aimed at its
"corporate infrastructure," the latest incident appears to have
relied on tricking email users into revealing passwords, based
on Google's description in its blog post.
It said the perpetrators changed the victims' email
forwarding settings, presumably secretly sending the victims'
personal emails to other recipients.
Schneier said the details that Google has released about the
email hijacking do not appear that unusual.
"For the past five years we've known that the Chinese
conduct a lot of espionage over the Internet," he said.
The bigger question, he said, was why Google was choosing
to publicize this attack now.
The company said it notified the victims and relevant
"It's important to stress that our internal systems have
not been affected -- these account hijackings were not the
result of a security problem with Gmail itself," Google said.
The company's shares finished 0.7 percent lower at $525.60.
(Reporting by Alexei Oreskovic and Edwin Chan; additional
reporting by Alister Bull in Washington D.C; Editing by Andre
Grenon, Phil Berlowitz)