A security consulting firm that Google brought in to investigate an attack last month — the one that compromised the Gmail accounts of two Chinese political activists — told Computerworld today that they “believe the attack code was designed and launched with support from Chinese authorities.”
Yahoo was also a target of the same attack, the Wall Street Journal reported on Friday afternoon.
This explains the involvement of the U.S. State Department, which met with Chinese diplomats this week. The department is drafting a formal denouncement which will put the heat directly on Premier Wen Jiabao to conduct an investigation.
Mandiant, a security incident response and forensics firm based in Washington, D.C., worked with Google to reverse-engineer the attack. Carlos Carrillo, a principal consultant with the firm, spoke to Computerworld’s Gregg Keizer on Friday:
Carrillo was the project manager for the Google investigation. During an interview Friday, he frequently chose his words carefully, saying that there was much he couldn’t discuss because the work was ongoing.
“The malware was unique,” Carrillo said. “It had unique characteristics … it was … let’s just say it was unique.”
When asked if the code quality pointed toward Chinese state support, Carrillo answered, “I would say so.”
It now appears that for some weeks, Google may have had ample evidence that the Chinese government was behind the break-ins, and that the State Department confronted Chinese authorities with that evidence.