Google announced today it discovered a phishing attack from China specifically targeting senior U.S. government officials, Chinese political activists, journalists and military personnel. A statement posted on the official Google blog says hundreds of e-mail accounts were hacked into by "bad actors" originating from Jinan, China. "The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," wrote Google engineering director Eric Grosse. According to The Wall Street Journal, the attack risks "further complicating relations between the Internet giant" and China, which has the highest number of Internet users.
It seems phishing attacks targeting Gmail users are becoming more and more prevalent these days. In April the wife of James Fallows, The Atlantic's national correspondent and, coincidentally, resident China expert, had her account taken over from a phishing attack aimed at suckering victims out of cash. After he heard from six other friends who had similar experiences, he pronounced it a "hacking epidemic." Like what Google is doing today, Fallows warned users to protect themselves by changing their passwords and switching to Google's two-step authorization system. It's not clear who was behind these attacks, Google won't say. In Fallows's wife's case, her account was hijacked and her contacts were sent this letter asking for money.
It's not out of the question that China may have undertaken today's announced attack. As the Journal notes, Google has blamed China in the past for attacks on its computer networks. If that were the case, it's an interesting time for U.S officials to be attacked by a foreign state, just as the Pentagon has decided that cyber attacks on the U.S. are considered an act of war. If Google blames China for the attacks on U.S. officials, it will indeed be interesting to see how the Pentagon responds.