Google is investigating reports that someone at its China headquarters may have – willingly or unwittingly – assisted in what is believed to have been infiltration of its networks by Chinese officials.
Google has threatened to quit China after the infiltration of its networks and theft of its intellectual property.
It is claimed the attack, in which a Trojan was inserted allowing remote access, may have been aimed at reading the emails of political dissidents.
While some media have claimed China had managed to plant a ‘mole’ inside Google, security firm McAfee believes otherwise.
McAfee says it has analysed code used in the attack, and believes it was what’s known as a ‘spear phishing attack’.
This is done by sending an email to staff in the targeted company, inviting them to click on a link which downloads the Trojan. The Trojan then exploited a vulnerability in the Internet Explorer browser.
Microsoft has been scrambling to deal with the IE issue, which prompted the governments of France and Germany to advise their citizens to switch to another browser. A special patch will be issued for the vulnerability on Friday January 22nd, NZ time. However, Mircosoft points out the problem is mostly with older versions of IE (particularly version 6), and upgrading to IE8 will offer the best immediate protection for most users. More tips on how to browse safely with IE can be found here.
If McAfee’s claims are true, then the email must have been very convincing, or else Google’s staff in China are rather naive.