Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

On Tuesday, Google revealed a new spate of attacks aimed at Gmail users, and said the attacks appeared to have come from Jinan, China. The new attacks illustrate the difficulty of stopping hackers who use simple “social engineering” tricks to steal personal data, and they raise questions about how such attacks can ever be traced with certainty.

Personal accounts belonging to U.S. government officials, Chinese political activists, military personnel, and journalists were targeted, the company said in a blog post. Google has pointed to Chinese hackers before—in early 2010 it said attackers from the country had stolen its intellectual property and tried to access the Gmail accounts of human rights activists. The Chinese foreign ministry has vigorously rejected the idea that the Chinese government was responsible for the attacks.

Google says the attackers did not exploit any security holes in the company’s e-mail service. Instead, they involved tricking users into sharing their log-in information. Carefully tailored messages, apparently written by a friend or colleague, were used to direct victims to a fake log-in page where their details were captured. This technique, known as “spear phishing,” was also used recently to steal information from the prominent security company RSA—information that may have been used to perform further attacks on the company’s customers.

Experts say this type of attack is hard to stop; unlike other types of attacks, there is no technical fix. “I think of incidents like this more as a series of successes and failures on the part of the attacker,” says Nart Villeneuve, a senior threat researcher at Trend Micro, which makes antivirus, antispam, and Internet security software. “It’s more of a campaign than it is a single attack.”

Before joining Trend Micro, Villeneuve was heavily involved in tracking attacks on human-rights activists—he was part of the group that revealed a complex hacking operation that spied on figures including the Dalai Lama.

Villeneuve also says it’s hard to identify the real source of this type of attack in order to cut it off. To pinpoint the source of the recent incidents, Google likely looked at a variety of clues, he says. The company could examine the IP addresses used to access e-mail accounts, which can reveal a user’s location. The company could also look at the servers used to host fake log-in pages and collect users’ personal information.

But this alone isn’t enough, Villeneuve says. Attackers can easily take over computers located somewhere else, and use them to launch an attack. “Making your attack seem like it came from somewhere else is not hard,” he says.

2 comments. Share your thoughts »

Credit: Technology Review

Tagged: Web, Google, security, China, gmail, hack

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me