Today I read an excellent article from the NY Times (link below) about what seems to have happened back in December that caused Google to end up more or less getting out of China. We knew it was serious but it’s probably a lot worse than most of us could have even imagined. The problem of course is that if the Chinese government is involved, you can imagine how they would not be helping Google prosecute such attacks, giving incentives for these hackers to keep it going until they have what they need. Needless to say that the costs involved are incredibly high.
This article is focused on Google but it’s easy to imagine any other target as well as any type of data being vulnerable to such attacks, something that remains very scary. I’ve been reading over and over about the threat of cyber-attacks and cyber-warfare and when you read about attacks like this, it becomes very clear that these methods are far from being science fiction. It has probably already been happening but not on a big enough scale or not with enough success to make it in the mainstream news.Of course, the US government has no interest in making it clear how vulnerable it is or what its weaknesses are and we will probably not have an accurate idea until something serious happens. Hopefully never but that is doubtful of course.
So what to do now?
Obviously, Google has tons of data, probably the largest set of data of any institution right now. And that is where much of the company’s value resides. So having Chinese hackers gain access to Google’s networks through Google’s Chinese operations was a major threat. There seems to have been two obvious solutions:
-Separating Google China’s network entirely from all other operations to give no opportunity for hackers that would succeed in attacks to gain access to US or other servers. Of course, that would be very expensive as it would mean duplicating all activities, security, administation, etc. Google decided instead to basically get out of China.
-Since China is not the only government to create such problems, Google has decided to be more vocal about the governments that are making such requests. A few weeks ago, the company publicly complained about Vietnam’s censorship And today, Google launched a website that will help track governments that are censoring the web.
Is Google doing the right thing?
There is no clear answer to that question but I think anyone who was judging Google’s response against the Chinese government should really take a look at the NY Times’ article. If such attacks can go on every day without punishment (because they occur on China’s soil), it becomes very expensive to secure the company against such attacks and the potential of losing important data is probably a lot more expensive to Google than the revenue it anticipates in China. Difficult to believe perhaps for many, but after reading this article, I’m a believer. Are you?