Citing unnamed investigators, The New York Times has reported that two schools, the Shanghai Jiaotong University and the Lanxiang Vocational School in Shandong Province, are being implicated in the attacks on Google earlier this year. However, one of the schools says NYT made it all up.
Students attacked Google NY Times says. (IMG:J.Anderson)
Nothing much can be taken from the NYT report; as we’ve mentioned before, using IP addresses is a bad way to nail down an attack source. Before getting to the schools, the report pointed out that so far experts and investigators have only been able to track the attacks on Google and other destinations (Operation Aurora) to Taiwan. The problem is that the trail goes cold from there.
In reality, the trail was cold long before that, because most of the Aurora domains were dynamic, and no evidence remains to determine any jump points before accessing the dynamic services.
However, the spin from the article, and the information from the associated investigators, mentions two known facts about the schools, the first being that Jiaotong is regarded as one of China’s top computer science programs, while the other is that Lanxiang is a huge vocational school established with military support. It is also responsible for training some computer scientists for the military.
At this stage, that is what makes the schools likely responsible for the attacks. One is funded with military money and the other produces brains. After that, there is a quote from a professor at Jiaotong’s School of Information Security Engineering, who said if the attacks were launched from there, he isn’t surprised. “Actually students hacking into foreign Web sites is quite normal,” the professor said.
So smart kids, access to technology, resources, and talented teachers. Is this the basis for the intelligence investigation? You could easily apply that filter to M.I.T., Stanford, UCLA, or any number of top-tier schools. Considering the attack methods used in Aurora, you should also look at kids form John Marshall Jr. High here in Indianapolis, as well as the bright kids at Tech High School. The fact is, Aurora was a Malware kit, and it doesn’t take a lot of skill to use them.
Speaking through UK broadsheet The Guardian, a female member of staff at Lanxiang has offered a rebuttal to the accusations made in the NYT report:
"We did not know Google was hacked before the New York Times contacted us – when they called, we told them we know nothing but they still made the story up," she explained.
"Our students are middle school graduates, and we train them to use software like Photoshop," she added. "If our students are so skilled they can hack Google, then what are they here for? I hope the media can be cautious about this report. We don't want to worsen US-China relations or draw national attention."
When it comes to the overall status of Operation Aurora, it can be considered a ghost. No new information supported by solid evidence has come from any of the companies impacted, and the government agencies investigating it are keeping their lips sealed.
Yet, Aurora has produced something substantial over the last few weeks, namely a new marketing term dubbed 'Advanced Persistent Threat'. With this new term comes a host of security vendors using it to pitch products and services, frightening the daylights out of C-Level executives everywhere.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Comment on this Story