New findings regarding the origins of the January attacks on Google and some twenty other US corporations have come to light, and they point to two academic institutions in China. Also, there are indications that the attacks can be dated way back to April 2009.
The two schools in question are the Shanghai Jiaotong University and the Lanxiang Vocational School.
According to The New York Times, the first is home to one of the top computer science programs in China, whose superiority was witnessed a couple of weeks ago when they came first in the IBM-sponsored “Battle of the Brains”, beating 102 other teams from around the world, including the US champions – the team from Stanford University.
The second is endorsed by the military, since it is one of the schools from which future army computer scientists are trained. It is also worth mentioning that this school’s network is managed by company closely connected to China’s most popular search engine Baidu.
And while the involvement of students of the vocational school is suspected to come from a particular computer science class led by a Ukrainian professor – on whose existence and/or activity the school has refused to comment, a professor teaching Web security at Jiaotong University admits he is not surprised at the news. “Actually students hacking into foreign Web sites is quite normal,” he says.
“I believe there’s two kinds of situations,” he elaborated. “One is it’s a completely individual act of wrongdoing, done by one or two geek students in the school who are just keen on experimenting with their hacking skills learned from the school, since the sources in the school and network are so limited. Or it could be that one of the university’s IP addresses was hijacked by others, which frequently happens.”
Proving whether behind the intrusions are individuals that were only “experimenting” or were actually working under the orders of the Chinese government or military will be very difficult, if not impossible.
James C. Mulvenon, director at the Center for Intelligence Research and Analysis in Washington, says the second theory is quite likely, since the Chinese government often avails itself of the services of “patriotic hackers”. According to him, their approach to cyber espionage differs from the US model inasmuch they have dispersed assets in many organizations and institutions, and not just in government agencies.