新的中国策略 像许多其他的知名公司一样,我们随时要面对不同程度的网络攻击。在12月中旬,我们监测到了一个针对我们公司的网络基础架构的高智能且极具针对性的攻击,这个攻击是从中国发出的,这导致了Google公司的技术性资源被窃取。然而,不久我们就发现,这个一开始被我们认为是独立的安全事故——一个重大的安全事故——其实完全不是我们所预想的。 第一,这次网络攻击不仅仅是针对Google公司的。根据我们的部分调查结果,我们发现至少20家其他大型公司受到了类似的攻击,这些公司所涉足的行业领域很广,包括互联网、金融、科技、传媒和化工。我们目前正在知会这些公司,并且正在与美国相关的官方机构合作。 第二,我们有证据显示黑客们的主要目的之一是进入一些中国人权运动人士的Gmail邮箱帐户。根据我们对相关数据的调查,我们相信他们的攻击并没有达到其目的。只有两个Gmail邮箱帐户看起来被侵入了,黑客们所获取的仅限于帐户信息(例如帐户的创建日期等)和邮件的标题,他们并没有得到邮件正文的详细内容。 第三,作为此次调查的一部分,但不局限于本次网络攻击,我们发现多名在美国、中国和欧洲致力于中国人权活动的Gmail用户的帐户看起来经常被第三方人士调阅。第三方人士调阅这些帐户的途径并不是利用Google的安全漏洞,而很可能是通过网络钓鱼或在用户的计算机上植入恶意软件的方式进行的。 我们已经利用通过本次攻击搜集到的信息对我们的系统架构进行升级,以提高Google公司和我们的用户的网络信息安全。对于个人用户,我们推荐其在计算机上安装知名的反病毒和反间谍软件,为操作系统安装补丁程序,并升级自己的网络浏览器。在点击即时消息和电子邮件中的链接或被要求在线提供诸如密码等个人信息时,保持警惕。你可以更详细得了解一些我们关于网络安全的建议。想要更多得了解这些不同种类的网络攻击的人们可以阅读这份由中美经济和安全观察组织发布的《对国会的报告》(PDF),还有对该组织的相关分析(PDF),Nart Villeneuve的博客和一份关于GhostNet间谍事件的介绍。 我们已经采取了非常规手段,即与许多相关人士共享此次攻击的相关信息,这样做不仅仅是因为我们在此次事件中发掘出的网络安全和人权问题,更重要的是因为,这些信息直指全球关于言论自由的大讨论这一更大议题的核心。过去20年中,中国的经济改革和公民意识的商业化使得数以亿计的中国人脱离贫困。无疑,在当今世界,这个伟大的国家是世界经济发展的中心。 我们在2006年1月启动了Google.cn服务,我们相信让中国民众能够获得更多的信息和一个更为开放的互联网这一预想中的事实能够抵偿我们因为同意审查部分搜索结果而带来的不快。早在那时,我们就明确了一点,我们将一直细心地关注中国的形势,包括新颁布的法律和其他的规定对我们所提供的服务的限制。如果我们认为我们无法达到预想的目的,我们将毫不犹豫地重新考虑我们的在华策略。 这些攻击和他们进行的内容审查,连同过去几年中的进一步限制网络言论自由的企图,让我们下定决心重新审视在华业务的可行性。我们不愿意再继续审查Google.cn上的搜索结果,所以在接下来的几周时间内,我们将同中国政府商讨能否在法律允许的范围内运营一个不被过滤的搜索引擎。我们意识到这可能意味着关停Google.cn服务,也可能包括我们在中国的办公机构。 做出重新审视在华策略的决定是一件非常困难的事情,并且我们知道其影响可能十分深远。我们要说明一点,这次决策是由我们在美国的公司决策层做出的,而一直努力工作使得Google.cn取得如今成就的中国雇员们并没有预先得知或参与此次决策。我们将会负责地着手解决这次出现的棘手问题。 David Drummond, 企业发展部高级副总裁 首席法务官

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different. First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities. Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves. Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers. We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this Report to Congress (PDF) by the U.S.-China Economic and Security Review Commission (see p. 163-), as well as a related analysis (PDF) prepared for the Commission, Nart Villeneuve’s blog and this presentation on the GhostNet spying incident. We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China’s economic reform programs and its citizens’ entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today. We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that “we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China.” These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China. The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised. David Drummond, SVP, Corporate Development and Chief Legal Officer