Forum pracy nad projektem wskrzeszenia The Forge Forum Index Forum pracy nad projektem wskrzeszenia The Forge

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   GalleriesGalleries   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Google and The China Problem

 
Post new topic   Reply to topic    Forum pracy nad projektem wskrzeszenia The Forge Forum Index -> Forum
View previous topic :: View next topic  
Author Message
71nbkc45j5
Papa-Smerf



Joined: 24 Dec 2010
Posts: 27
Read: 0 topics

Location: England

PostPosted: Tue 12:55, 08 Mar 2011    Post subject: Google and The China Problem

George Kurtz, McAfee's Chief Technology Officer, has described the situation as "a watershed moment in cyber security". And there is no better way to describe the unfolding events surrounding the Google mail hacking incident in China.
This single event embraces many trends that have been emerging, or have been anticipated, in one 'big-bang' story. International cyber espionage has become the concern of mainstream business overnight. The new reality has to be accommodated within business decision-making. Maybe the cyber security industry will see a welcome boost to its revenues.
This story cannot be dismissed as journalistic frenzy
Spy stories make exciting reading and the media likes to exaggerate to get the attention of its readers. But this story has already caused Google,[link widoczny dla zalogowanych], one of the world's largest corporations,[link widoczny dla zalogowanych], to threaten to walk away from the world's second largest economy.
Hilary Clinton has waded in with an affirmation of the US government's views on Internet freedom, and the Chinese government has responded with rhetoric not dissimilar from that of the Cold War. The implications for the individuals whose email has been hacked are serious. We must take notice.
Political surveillance is just the tip of the iceberg in this story
The story of alleged Chinese hackers accessing a number of Google email accounts belonging to human rights activists has mushroomed over the two weeks since it was first revealed.
Investigations have revealed that as many as 30 Fortune 500 companies have suffered cyber attacks reported as coming from China in recent days. While it is hard to prove a link to the Chinese government, it is hard to believe that a large-scale and very sophisticated campaign could be launched without official blessing from within a country that is still heavily monitored. The targets of the attacks are also consistent with Chinese government interests.
Balanced reactions have been the first victim
The revelation that the attack used a previously undiscovered vulnerability in Internet Explorer caused the German government, followed by the French government, to overreact with advice to their citizens to change to an alternative browser. Google seemed to encourage this myth and put the blame for the incident on Microsoft, rather forgetting the uncomfortable fact that it was a Google managed service that had been hacked.
The only way to secure data is to destroy it
Only slightly more ironic is the revelation from Google's Chief Legal Officer, David Drummond, that the hackers had accessed the ��traffic data' of the hacked accounts (sender, recipient, title, etc.) rather than the body of the messages. This indicates that they used the intercept mechanisms put in place by Google to facilitate ��legal intercept' requests from western governments, including the US government. Anyone who calls for data to be collected or divulged must be aware that any weapon can be turned and used by their opponent, even in cyberspace. Advocates of large databases should take heed!
Social engineering attacks take on a new dimension
While IT security professionals have long warned of the danger of the ��internal threat' from employees, McAfee's investigations have revealed that this attack started when the hackers attacked friends of key Google employees, and transferred malware through social networking connections between the friends and the employees into Google's infrastructure. Google had previously said that it was investigating some of its Chinese employees, and has linked any decision to withdraw from China partly to the outcome of this process.
Business has to take notice of the new threat
Cyber attacks on governments and defence contractors have been happening for years,[link widoczny dla zalogowanych], in increasing volume. Now businesses in all verticals have to defend against industrial espionage. Apart from improving cyber defences, fundamental strategies need to be re-examined relating to IT sourcing. Security needs to be considered in outsourcing decisions,[link widoczny dla zalogowanych], particularly if the allegations are true when outsourcing to China. Similarly, security should be considered in IT software and hardware sourcing decisions. Decisions must not be made solely on the basis of cost.
We need an inclusive relationship with all countries
Withdrawal and isolationism will never cure the world's problem. We must maintain an inclusive relationship in both trade and political relations with all countries. However,[link widoczny dla zalogowanych], in some cases this needs to be tempered with caution.


The post has been approved 0 times
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    Forum pracy nad projektem wskrzeszenia The Forge Forum Index -> Forum All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

fora.pl - załóż własne forum dyskusyjne za darmo
Powered by phpBB © 2001, 2005 phpBB Group
Regulamin