Internet giant Google is involved in another incident with China. The company reported Wednesday that "hundreds" of its Gmail accounts have been compromised by hackers based in China. Google said the attack targeted senior government officials and military personnel from the United States and other countries, Chinese political activists, and journalists. Robert Siegel talks to NPR's Tom Gjelten about why this happened — and how the U.S. government will respond.
Copyright NPR. View this article on npr.org.
SIEGEL: Google is involved in another incident with China. The company reported yesterday that hundreds of its Gmail accounts have been compromised by hackers based in China. Google said the attack targeted senior government officials and military personnel from the United States and other countries, also Chinese political activists and journalists. The hackers are said to have stolen passwords and monitored email traffic.
The Chinese government is vigorously denying responsibility for the latest intrusion into the Google network, but Secretary of State Hillary Clinton today said the United States is very concerned about the attack.
Secretary HILLARY CLINTON (Department of State): Google informed the State Department of this situation yesterday, in advance of its public announcement. These allegations are very serious. We take them seriously. We're looking into them.
SIEGEL: Joining us now is NPR's Tom Gjelten. And Tom, what could be going on here? What would somebody in China do with these stolen passwords, say?
TOM GJELTEN: Well, Robert, if you had passwords for these Gmail accounts, obviously you could go in and you could read those emails. You could also pose as that person and send out emails from that account, which would then lead you to other information.
And even more important, what you could do is go in and change your email settings so that all future emails coming in might be automatically forwarded to some third email account. So you would really have ongoing access to this email traffic.
SIEGEL: Well, from what we know, how did this hacking of Google accounts from China take place?
GJELTEN: It seems to be, Robert, a case of phishing. And we've all heard about phishing attacks where you get emails that tempt you or are meant to tempt you to click on them, and then you inadvertently provide personal information, including your passwords.
For example, there was one email that came from a State Department address and it referred to a joint statement that was coming out in draft form - and this would be the government officials. You would click on it to read the statement and you would obviously want to read what was being said. And then in the process you would reveal your password.
SIEGEL: This is an example of phishing, spelled with a P-H.
GJELTEN: Phishing with a P-H, right.
SIEGEL: You mentioned a State Department official and Google says that some of these hacked email accounts belonged to senior U.S. government officials. Does that mean that any sensitive government information was actually disclosed or taken here?
GJELTEN: Well, Robert, these were private emails accounts. These are Gmail accounts, they're not government official email accounts. And so far, the Pentagon, for example, is saying it does not know of any sensitive information that was disclosed.
Or, you know, some people have the habit of forwarding they are official emails to their personal email accounts, or vice versa. So you can't be for sure that no sensitive information was disclosed.
SIEGEL: Now, we've often heard about hackers going into private email accounts to get credit card information or to get access to money. But Google here suggests this was more than just a case of individual hackers. There is the suspicion at least that the Chinese government may have been involved.
GJELTEN: Right. Google says this attack came from a Jinan, China. Now, that is the same city in China where Google said its earlier attack last year came from. And the interesting thing here, Robert, is that there is a high-tech military training school in Jinan, where the Chinese army's cyber warriors are said to be trained, so hence the suspicion.
SIEGEL: So is the suspicion that this could have been a practice exercise for people who would later on be doing something more serious? Or what else would be the purpose of something like this?
GJELTEN: Well, possibly the purpose here was what cyber security experts call social engineering. They're trying to find out information about individual people, in order to identify those people whose, let's say, their defenses might be not as great as someone else's. And then those people would be used in a future attack against perhaps another government agency, another company.
So this could have been just the first phase of what would be a much larger, more ambitious attack down the road.
SIEGEL: Secretary Clinton said the government is looking into these allegations. What's likely to happen next?
GJELTEN: Well, she said that the FBI is looking into them. In addition, one of the things that's important to keep in mind here is that the United States is pushing for more international cooperation, more collaboration to stop this kind of thing. This could put pressure on the Chinese government to be more cooperative than it has been in the past if it really, as it's says, wants to stop these attacks.
SIEGEL: Thank you, Tom.
GJELTEN: You're so welcome.
SIEGEL: That's NPR national security correspondent Tom Gjelten. Transcript provided by NPR, Copyright NPR.