Skip to main content

Recent Google Hack Traced to Chinese Schools

The New York Times reports that investigators have traced the recent hacking attacks on Google back to computers located at two schools in China, one of which has close ties to the Chinese military. The attacks may have even started earlier than previously believed, possibly attacking Google and other companies as early as April 2009. There's even indication that one link leads to a specific science class taught by a Ukrainian professor.

The two schools in question are Shanghai Jiaotong University and the Lanxiang Vocational School. The University provides one of China's top computer science programs while the vocational school was established with military support and trains many computer scientists for the military. The NYT said that the vocational school's network is maintained by a company close to Google's competitor, Baidu.

Lanxiang Vocational School is also where the Ukrainian professor teaches science.

Speculation is a mixed bag: it's believed that the vocational school is being used as camouflage for government operations. Others claim that a third country is using the schools as a cover for a "false flag" intelligence operation. There's also talk that the attacks were nothing more than criminal industrial espionage on a grand scale, set to leech technology secrets from American companies.

There's also the possibility that students were testing their hacking skills by breaking into foreign websites. A professor at Jiaotong’s School of Information Security Engineering said this was actually normal, however he also said that hackers could have hijacked the university's IP address during the Google attack.

  • NapoleonDK
    The plot thickens...

    This is turning into a veritable cyber-crime drama. Ghost In The Shell anyone? :)
    Reply
  • ethanolson
    You know... I think I'm gonna wipe all my personal information stored in Gmail and Hotmail right now. Done.
    Reply
  • hawkwindeb
    ethanolsonYou know... I think I'm gonna wipe all my personal information stored in Gmail and Hotmail right now. Done.Confucius say, too late! I already know who you are and all your personal info. Any the rest of you laughing, I know all about you too!
    Reply
  • jisamaniac
    It's possible that the school's IPs could be hijacked, but if it's a school that specialize in hacking/computer science, then that excuse it complete bull and they are lying. You are telling me a top Chinese computer science university can't maintain their own systems? Sounds like a bunch of bureaucratic crap to me.
    Reply
  • You are kidding me right? Lanxiang Vocational School takes in highschool dropouts and give them semi-skilled labor training (go look at their website – they offer auto repair, CNC operation, computer operation, excavator operation, welding, culinary school, cosmetology, cell phone repair).

    Does this sound like a place to recruit China’s best and brightest for cyber war? If this is true we have nothing to worry about.
    Reply
  • gekko668
    I'm smelling a conspiracy.
    Reply
  • Bert R
    Was I the only one that read the title and immediately thought "surprise, surprise..."
    Reply
  • JohnnyLucky
    There is a lot of information that is still missing. Right now it sounds like some sort of Hollywood espionage thriller.
    Reply
  • Pei-chen
    jisamaniacIt's possible that the school's IPs could be hijacked, but if it's a school that specialize in hacking/computer science, then that excuse it complete bull and they are lying. You are telling me a top Chinese computer science university can't maintain their own systems? Sounds like a bunch of bureaucratic crap to me.You are telling me a group of top IT firms can't maintain their own systems? Sounds like a bunch of bureaucratic crap to me.
    Reply
  • The information in the NYT report is bogus at best because the stuff that they report is not very accurate, for example; citing a professor saying that their IP's were frequently hijacked, or that this attack could be have been done by a few students, after hearing that and the fact that they don't mention things like 0-day exploits or APT attacks just makes me wonder if they're more interested in the speculation than in reporting... I would like to recommend these articles to get a better understanding of how this attack was done and how they got access to Zero Day Exploits and then used APT (Advanced Persistent Threats) to gain access...

    Links:
    http://www.wired.com/threatlevel/2010/01/operation-aurora/
    http://www.wired.com/threatlevel/2010/02/apt-hacks/
    Reply