This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

China's attack on Google explained: CNET News Video

About Video Transcript

CNET News Video: China's attack on Google explained

6:52 /

Elinor Mills explains what happened to Google, how it happened, who did it, and who else was affected.

[ Music ] ^M00:00:04 >> Google shocked the tech community this past week by not only announcing that they were considering pulling out of China but the reason why was targeted attacks against them from within China. Now, there has been a lot of confusion and speculation about whether it's the government at fault, what these attacks were, what kind of information they got away with. And to help us make a little bit clearer picture on what's happening in China's attacks on Google, we have Elinor Mills from CNET News. Thanks for joining us, Elinor. >>Elinor: Sure. >> Let's start with what happened. What did Google know and when did they know it? >>Elinor: Google this week said that in mid-December they noticed that there had been a network intrusion on its corporate network. It said that it was highly sophisticated and it was investigating. And it said that, at the time that it noticed, intellectual property was stolen. >> Okay. So this is an attack on Google, trying to steal stuff. Do we know what they tried to steal? What kind of intellectual property? >>Elinor: No. They won't say, but other sources who are familiar with the investigation said that the attacks were directed at source code. >> Okay. So that would make sense. That's the kind of intellectual property someone might be after. >>Elinor: Also, someone was able to go through the Google network somehow, get in there, and access Juno accounts from two users and see some account information, like when it was created, but they were not able to read the contents. >> Okay. So they didn't get in and read the email? >>Elinor: No. >> They got into the Google network and found some account information about them. >>Elinor: Right. >> Those were internal. Now, there were also some external attacks, not on Google but against Google properties, right? >>Elinor: Against Google users, specifically other Gmail users who had their computers infected separately, not associated with Google. >> So this wasn't an attack against the Google network. This is an attack against home computers and then getting in and reading people's Gmail. >>Elinor: Exactly. >> And why were they targeting Gmail at all? >>Elinor: The link between these Gmail users was that they were human rights activists or somehow involved in human rights. >> Okay. So we have two types of attacks; we have two targets. One was intellectual property, and the other was going after dissidents. How were these attacks executed? >>Elinor: Microsoft said yesterday that there was a newly discovered vulnerability in Internet Explorer that was used in the attacks. >> Okay. So all versions of Internet Explorer? >>Elinor: Six. They said IE6 was used. >> Okay. Seven and eight doesn't have to worry? >>Elinor: Seven and eight also are vulnerable. >> But wasn't used in the attacks. >>Elinor: So it's to the exploit. But, in the attacks, they specifically said IE6. >> And they've got a patch coming for that? >>Elinor: Yes. >> Okay. So maybe a PDF file, definitely an Internet Explorer vulnerability. >>Elinor: Yeah, definitely. >> And where did these attacks come from? What do we know about that? >>Elinor: Google specifically said they originated in China. They did not blatantly come out and say that they think the Chinese government is behind it. They said they're going to stop censoring their [inaudible]. >> They've implied it through their actions, essentially. >>Elinor: Absolutely. >> But there are some other researchers who've said, "Yeah. I think we know this is China." How did they -- how did they come to that determination? >>Elinor: Yeah. Tracing it to servers that were found to be hosting the data that were in Taiwan; and, then, also, servers that were found to be in Texas and Illinois. >> Okay. So when they were looking at -- and I understand they call it Project Aurora as sort of a code name. >>Elinor: McAfee's calling it -- >> -- is it from what McAfee's calling the vulnerability or the code? >>Elinor: Yeah. >> It was communicating to servers in Texas, Illinois, and Taiwan. >>Elinor: There are links to IP addresses that were similar to attacks that previously had been done on US corporations similar to this that were linked to the Chinese state. >> So it fit the profile, in other words. >>Elinor: It fit the profile. >> Okay. So we know what happened, we know how it happened, we know from where it came, sort of. Who else did it affect? Because I know others, besides Google, were under attack, as well. >>Elinor: The same day that Google made their announcement, on Tuesday, shortly thereafter Adobe came out and said, "Our network was attacked." Now, they didn't link it specifically to Google; but that's the implication is that Google had said at least twenty other companies were part of these attacks. >> And then Adobe announced an attack that was similar, so we can assume it must be part of the same? >>Elinor: Right. Yeah. That it's a similar attack. They didn't give any details. They said they are still investigating. >> Who else? >>Elinor: Since then, researchers listed Yahoo, Symantec, Northrop Grumman, Dow Chemical, and Juniper networks. Yahoo, Symantec, Grumman, and Dow have all either declined to comment or have declined to say whether it -- you know, confirm it or deny it. Juniper has said they are investigating attacks. Now, whether, you know, they didn't say specifically attacks on our network or what, so. >> And Juniper does investigate attacks as part of their business. >>Elinor: Yes. >> Yeah. So they are obfuscating a little bit there, as well. >>Elinor: Absolutely. >> How many total companies? Is it just twenty or do we think it's more? >>Elinor: Okay. So, no. The number has been pegged at 34 from iDefense and others. >> Okay. So we think -- >>Elinor: 34 total, including Google. >> 34 companies and all after the same sort of thing? Human rights and intellectual property, or do we even know? >>Elinor: Actually, for these companies, it would be the intellectual property. >> Now, before we wrap up, that seems to kind of encapsulate it. But we had one interesting incident later on at -- these attacks all started in December, ended around January 4th, right? >>Elinor: Right. Because one of the servers or more of the servers were cut down then. >> And we don't know why they were cut down. >>Elinor: We don't know. >> But, after they went down, something else happened. >>Elinor: Okay. Yeah. So a law firm in LA, Gipson, Hoffman and Pancione reported that it, too, had had a similar type of attack on its employees. And, again, they say that there is the China connection based on the way the attacks were done and the timing. Now, the firm is alleging in the lawsuit that China stole code from that US product to use in its Green Dam software that it's using to -- >> Filter. >>Elinor: To filter and block citizens from accessing internet sites. >> Okay. So they -- there's a case for retaliation there -- >>Elinor: Absolutely. >> -- that you could see and understand. One last question. All of this seems very clear. Thank you for helping to explain it. Things are still developing. Are there any other issues that we think might crop up that we should keep an eye on? >>Elinor: Yeah. The investigations continue on all the -- the attacks on all the companies, and information is trickling out. One -- a couple of sources have said that Google is most definitely probably looking at insider -- an insider threat. >> So someone infiltrated Google? >>Elinor: Or -- yes. An employee maybe with connections to China. >> That's serious. That's something to keep our eyes on. All right. Thank you so much, Elinor. We appreciate the walk-through. We are going to keep following the story. Look for Elinor and Tom Krazit's work at news .com, and we'll keep you up to date. [ Music ] ^M00:06:51

New releases

All the things Apple Watch can do without an iPhone nearby
1:33 April 18, 2015
You still need an iPhone to set up and use the Apple Watch, but it can do things on its own, too! Fitness, music, Apple Pay, and a...
Play video
The WD Elements portable drive is a great deal
2:23 April 17, 2015
CNET editor Dong Ngo sort of explains the difference between bravery and courage using the high-capacity low-cost WD Elements portable...
Play video
Forget maps and let leg electrodes guide you there, Ep. 200
4:54 April 17, 2015
Crave celebrates its 200th episode with a human cruise control system that's, well, pretty shocking. We check out a bicycle that claims...
Play video
Send Frigidaire's Professional Fridge back to the minors
2:24 April 17, 2015
The Frigidaire FPBC2277RF is priced in the big leagues, but fails to perform up to expectations.
Play video
Star Wars droid BB-8 is real, powered by Sphero
2:40 April 17, 2015
Get ready for rolling BB-8 toys. The droid in "Star Wars: The Force Awakens" is a real robot, based on the technology in Sphero's toy...
Play video
CNET Top 5 - Crazy looking smartphones
3:36 April 17, 2015
Round, curvy and two-faced: five phones that broke the mold and dared to be different.
Play video
Faster Roku 2 masters the streaming universe
1:45 April 17, 2015
A nearly perfect mix of speed, features, price and ecosystem make the Roku 2 our favorite streaming device yet.
Play video
The Garmin Vivoactive is an ultra-slim smartwatch with a few hiccups
2:15 April 17, 2015
CNET's Dan Graziano gives you a first look at Garmin's first smartwatch
Play video