Vast Hacking by a China Fearful of the Web

As China ratcheted up the pressure on Google to censor its Internet searches last year, the American Embassy sent a secret cable to Washington detailing one reason top Chinese leaders had become so obsessed with the Internet search company: they were Googling themselves.
State's Secrets Day 7
Articles in this series will examine American diplomatic cables as a window on relations with the rest of the world in an age of war and terrorism.
Other Articles in the Series » . Related Documents Chinese Government Singles Out Google
Chinese Press Controls Discussed
Chinese Warning about Google Earth
Cyber-Attacks and Other Security Threats
China's Ties to the World of Computer Hackers
Talk to the Newsroom Editors and reporters are answering questions.
Send Questions
. The May 18, 2009, cable, titled “Google China Paying Price for Resisting Censorship,” quoted a well-placed source as saying that Li Changchun, a member of China’s top ruling body, the Politburo Standing Committee, and the country’s senior propaganda official, was taken aback to discover that he could conduct Chinese-language searches on Google’s main international Web site. When Mr. Li typed his name into the search engine at google.com, he found “results critical of him.”
That cable from American diplomats was one of many made public by WikiLeaks that portray China’s leadership as nearly obsessed with the threat posed by the Internet to their grip on power — and, the reverse, by the opportunities it offered them, through hacking, to obtain secrets stored in computers of its rivals, especially the United States.
Extensive hacking operations suspected of originating in China, including one leveled at Google, are a central theme in the cables. The operations began earlier and were aimed at a wider array of American government and military data than generally known, including on the computers of United States diplomats involved in climate change talks with China.
One cable, dated early this year, quoted a Chinese person with family connections to the elite as saying that Mr. Li himself directed an attack on Google’s servers in the United States, though that claim has been called into question. In an interview with The New York Times, the person cited in the cable said that Mr. Li personally oversaw a campaign against Google’s operations in China but the person did not know who directed the hacking attack.
The cables catalog the heavy pressure that was placed on Google to comply with local censorship laws, as well as Google’s willingness to comply — up to a point. That coercion began building years before the company finally decided to pull its search engine out of China last spring in the wake of the successful hacking attack on its home servers, which yielded Chinese dissidents’ e-mail accounts as well as Google’s proprietary source code.
The demands on Google went well beyond removing material on subjects like the Dalai Lama or the 1989 Tiananmen Square massacre. Chinese officials also put pressure on the United States government to censor the Google Earth satellite imaging service by lowering the resolution of images of Chinese government facilities, warning that Washington could be held responsible if terrorists used that information to attack government or military facilities, the cables show. An American diplomat replied that Google was a private company and that he would report the request to Washington but that he had no sense about how the government would act.
Yet despite the hints of paranoia that appear in some cables, there are also clear signs that Chinese leaders do not consider the Internet an unstoppable force for openness and democracy, as some Americans believe.
In fact, this spring, around the time of the Google pullout, China’s State Council Information Office delivered a triumphant report to the leadership on its work to regulate traffic online, according to a crucial Chinese contact cited by the State Department in a cable in early 2010, when contacted directly by The Times.
The message delivered by the office, the person said, was that “in the past, a lot of officials worried that the Web could not be controlled.”
“But through the Google incident and other increased controls and surveillance, like real-name registration, they reached a conclusion: the Web is fundamentally controllable,” the person said.
That confidence may also reflect what the cables show are repeated and often successful hacking attacks from China on the United States government, private enterprises and Western allies that began by 2002, several years before such intrusions were widely reported in the United States.
At least one previously unreported attack in 2008, code-named Byzantine Candor by American investigators, yielded more than 50 megabytes of e-mails and a complete list of user names and passwords from an American government agency, a Nov. 3, 2008, cable revealed for the first time.
Precisely how these hacking attacks are coordinated is not clear. Many appear to rely on Chinese freelancers and an irregular army of “patriotic hackers” who operate with the support of civilian or military authorities, but not directly under their day-to-day control, the cables and interviews suggest.
But the cables also appear to contain some suppositions by Chinese and Americans passed along by diplomats. For example, the cable dated earlier this year referring to the hacking attack on Google said: “A well-placed contact claims that the Chinese government coordinated the recent intrusions of Google systems. According to our contact, the closely held operations were directed at the Politburo Standing Committee level.”

Posted in: Wiki Leaks