A team of US investigators claim to have tracked down one of the people involved in a full-scale cyber attack on Google in China last year.
A man in his 30s working as a freelance security consultant is believed to have contributed coding to the program used in the attack, which exploited a previously unknown chink in the security armor of Microsoft’s Windows Explorer.
The Financial Times claims a researcher for the US government revealed the hacker’s identity, and says it offers concrete proof the Chinese government sanctioned the Google attack.
If true, the report would validate earlier claims by the New York Times that two Chinese universities were involved the cyber-attack, which targeted users of Google’s Gmail service.
Over the weekend, staff at the schools - Shanghai Jiaotong University and Lanxiang Vocational School – told China’s Xinhua state news agency they were not involved, despite US investigators having traced one of the IP addresses used in the attack to their location.
The staff said that trace was not proof any of their students were involved, however rumored links between Lanxiang Vocational School and China’s military led many to conclude the attacks had official sanction.
Google says the main goal of the attacks was to access the Gmail accounts of known human rights activists in China, but adds the infiltration has shown that many users are vulnerable to regular – but lower profile – attacks.
Although the firm initially threatened to quit China, claiming to be fed up with censorship in the country, it appears to have cooled its heels in recent weeks, stating that any departure would take years to complete.