Read the Beforeitsnews.com story here. Advertise at Before It's News here.

By Alexander Higgins (Reporter)
Contributor profile | More stories

Story Views
Now:
Last hour:
Last 24 hours:
Total:

Google Runs CIA ‘State-Sponsored Cyber Attacks’ PsyOp Against China

Thursday, June 7, 2012 3:37

% of readers think this story is Fact. Add your two cents.

Google launches a CIA PsyOp warning of ‘state-sponsored cyber attacks’ to foment unrest in China and ramp up support for cybersecurity legislation in America.

Earlier today the NY Times reported the Google announced they received intelligence of “state-sponsored” hacking attacks being launched against users and would should begin issued warnings to individuals who the had specific “intelligence” were being targeted.

Google Issues New Warning for State-Sponsored Attacks

Starting Tuesday, look out for an unusual warning atop your G

Starting Tuesday, look out for an unusual warning atop your Gmail inbox, Google home page or Chrome browser. It will not mince words: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”

Google said it planned to issue the warning anytime it picks up malicious–possibly state-sponsored–activity on a user’s account or computer. How does Google know whether an attack is state-sponsored? It won’t say.

“We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored,” Eric Grosse, Google’s vice president of security engineering, wrote in a blog post.

The announcement is timed just one week after security researchers discovered Flame, a massive, data-mining virus, had been spying on computers in the Middle East– predominantly in Iran– for at least the last four years.

Researchers say they believe the Flame virus is sponsored by the same entity that commissioned Stuxnet, a virus co-sponsored by the United States and Israel, that destroyed thousands of Iranian centrifuges in 2010.

Source: NY Times

The NY Times like everyone else in the US immediately pointed their fingers as the US-Israel sponsored “Flame” virus, the latest generation of the notorious Stuxnet virus used to attack Iran’s nuclear facilities.

I was invigorated by the thought that Google, who is constantly blamed being in cahoots with the NSA and CIA, was actually turning against the US government’s tyranny and was going to start blowing the whistle for attacking the accounts of U.S. citizens.

I wasn’t the only one excited that We the People found a new ally in Google, as Cannonfire took the alternate angle of suggesting Google was new protecting users from an Israel based cyber-war. The Obama administration does admit after that Stuxnet and its predecessor, Flame, were developed to appease Israel so they didn’t physically attack Iran.

Israel declares cyber-war on the world

An ultra-weird story appeared in the NYT yesterday:

Starting Tuesday, look out for an unusual warning atop your Gmail inbox, Google home page or Chrome browser. It will not mince words: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”

Which state? Google won’t say. Neither will the NYT — at least not directly. However:

The announcement is timed just one week after security researchers discovered Flame, a massive, data-mining virus, had been spying on computers in the Middle East– predominantly in Iran– for at least the last four years.

Researchers say they believe the Flame virus is sponsored by the same entity that commissioned Stuxnet, a virus co-sponsored by the United States and Israel, that destroyed thousands of Iranian centrifuges in 2010.

If you’ve been following Marcy Wheeler, you know much about the story of Stuxnet, a computer virus — actually a worm — designed to take down Iran’s nuclear program. It was created by the NSA and a little-known, but ultra-important, Israeli agency called Unit 8200. The worm has turned into a massive problem, since it has infected innumerable systems outside Iran; there’s a good chance that it’s on your computer right now.

Worse: The worm was supposed to have a kill switch; it was intended to deactivate itself after a certain date. But someone killed the kill switch — and all signs point to Israel. A story by David Sanger for the New York Times claims that a briefer told Obama that the Israelis modified the worm. Lo, it shall be with us always.

Flame, another U.S.-Israel joint venture in cyber-war, may be even worse.

Last week the New York Times quoted an Iranian cyberdefense official who said the virus’s encryption looked like Israel’s handiwork. Kaspersky Lab, a Russian antivirus company, said Flame might have been created by the same contractors who were responsible for Stuxnet, working with a different team of programmers. Flame is a targeted virus, just as Stuxnet was, but while the latter was aimed at industrial control systems, Flame doesn’t appear to be targeting any particular industry or system — just Windows PCs in the Middle East.

Flame is a huge virus — 20 megabytes of various modules, databases, and varying levels of encryption. It’s 40 times larger than Stuxnet, and it’s been operating for at least two years without having been detected. So far researchers have a pretty good idea of what it’s designed to do — steal and transmit information from infected machines — but because it contains so much code, it will take years to fully analyze. So far we know it can activate a computer’s built-in microphone to record Skype conversations, siphon contact information from an address book, and transmit screenshots of user activity.

In spite of its fairly conventional data-theft tactics, the consensus is that it’s the work of a nation-state rather than just a group of programmers — Finnish security firm F-Secure said that it was “most likely launched by a Western intelligence agency.”

Even UPI admits that Unit 8200 created Flame. This background briefing on 8200 is downright jaw-dropping. This story on Flame strongly indicates (without actually stating) that the Flame virus is, in fact, the “state-sponsored” malware prompting Google’s unprecedented warning.

[...]

Source: Cannon Fire

But on the rest of the web a different narrative started to emerge.

This speculation offered up both the US-Israel pair for their involvement in Stuxnet/Flamet and China for last year’s allegations they hacked Gmail as potential targets of Google’s “state-sponsored” cyber attack warnings.

Google Warns Users of Government Hacker Attacks

Never mind Stuxnet’s infiltration of Iranian nuclear facilities – national governments are carrying out Internet attacks against private citizens, often their own. Now Google has stepped into the breach. If it detects an attack, the search giant says, it will warn the victim and block the perpetrator.

Diplomatic cables leaked by WikiLeaks implicated the Chinese government in hacking into alleged dissidents’ Google accounts. This incident led to Google pulling its business out of China, although since then it has inched its way back. Google wants to serve the huge Chinese user base, but it will implement new security measures to protect those who might come under attack by prying governments.

Google’s New Warning

[...]

“When we have specific intelligence – either directly from our users or from our own monitoring efforts – we show clear warning signs and put in place extra roadblocks to thwart these bad actors,” wrote Eric Grosse, Google’s VP of security engineering.

[...]

The new warning against state-sponsored hacking reads, “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.” The message is followed by a link to “protect yourself now.” Google won’t provide the URL for the linked page, and the text does not retrieve any Google search results. However, a Google staffer shared some of the copy with Andy Greenberg at Forbes:

It’s likely that you received emails containing malicious attachments, links to malicious software downloads, or links to fake websites that are designed to steal your passwords or other personal information. For example, attackers have often been known to send PDF files, Office documents, or RAR files with malicious contents. We strongly recommend that you avoid clicking links or attachments in suspicious messages.

[...]

How Does Google Know an Attack is State-Sponsored?

Google spokespeople will not comment on the announcement beyond what is written therein. But Grosse anticipated the question of how Google knows an attack is state-sponsored:

“We can’t go into the details without giving away information that would be helpful to these bad actors,” he wrote, “but our detailed analysis – as well as victim reports – strongly suggest the involvement of states or groups that are state-sponsored.”

[...]

What does Google do when governments knock on the front door (legally speaking) and ask for user data? That’s another story.

Source: Read Write Web

Of course that leads to this little piece of propaganda from Google:

Better search in mainland China

Over the past couple years, we’ve had a lot of feedback that Google Search from mainland China can be inconsistent and unreliable. It depends on the search query and browser, but users are regularly getting error messages like “This webpage is not available” or “The connection was reset.” And when that happens, people typically cannot use Google again for a minute or more. This video shows what’s happening:

We’ve taken a long, hard look at our systems and have not found any problems. However, after digging into user reports, we’ve noticed that these interruptions are closely correlated with searches for a particular subset of queries.

So starting today we’ll notify users in mainland China when they enter a keyword that may cause connection issues. By prompting people to revise their queries, we hope to reduce these disruptions and improve our user experience from mainland China. Of course, if users want to press ahead with their original queries they can carry on.

In order to figure out which keywords are causing problems, a team of engineers in the U.S. reviewed the 350,000 most popular search queries in China. In their research, they looked at multiple signals to identify the disruptive queries, and from there they identified specific terms at the root of the issue.

We’ve observed that many of the terms triggering error messages are simple everyday Chinese characters, which can have different meanings in different contexts. For example a search for the single character [江] (Jiāng, a common surname that also means “river”) causes a problem on its own, but 江 is also part of other common searches like [丽江] (Lijiang, the name of a city in Yunnan Province), [锦江之星] (the Jinjiang Star hotel chain), and [江苏移动] (Jiangsu Mobile, a mobile phone service). Likewise, searching for [周] (Zhōu, another common surname that also means “week”) triggers an error message, so including this character in other searches—like [周杰伦] (Jay Chou, the Taiwanese pop star), [周星驰] (Stephen Chow, a popular comedian from Hong Kong), or any publication that includes the word “week”—would also be problematic.

Now, when a user types in a common term like [长江] (Yangtze River) from China, Google highlights the problem term [江] as they type, and when they press “enter” a drop-down menu appears beneath the search box:

Notices will appear matching the user’s language settings.

[...]

Source: Propaganda Piece On The Official Google Search Blog

I call that a propaganda piece, because if the connection resets are occurring on behalf of the Chinese Government as Google alleges in the video, a simple packet sniffer would easily be able to pick up the RST flag during the TCP handshake from the client Computer. Furthermore Google should also be able to document the handshake process with a network tracing the network communications from their servers and display the full network conversation proving what they claim. Instead, they turned it a spectacle.

Finally, technically issues aside, Google can simply force users to initiate an encrypted connection using SSL/TLS. A secure connection between the client would not be vulnerable to the attack Google is showing in the video. No one would no what the keyword being searched for. So, if as alleged China is resetting the connection for certain keywords, SSL would prevent the attack and force China to allow all Google searches or none at all. Furthermore, even without a SSL, Google should be responsible enough to at least use a client side library to encrypt or obfuscate the user’s search query and other sensitive data before sending it across the network. Again, this is all propaganda to put on a pretty show about “big bad China”

Now we come full circle back to Google’s warning about “state-sponsored cyber attacks” and now less than 24 hours later, China is the target of the warnings.

Reports are surfacing on the internet that many journalists and activists in China indeed are receiving the warning.

Journalists and activists in China warned of “state-sponsored” Gmail hacking

A number of journalists and activists in China have received warnings from Gmail that “state-sponsored attackers may be attempting to compromise your account or computer.”

Google yesterday began notifying users if their Gmail accounts were suspected of being the targets of state-sponsored hacking attempts. “When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors,” said Google in an announcement posted on its official online security blog.

Google has not specified how it was able to confirm the involvement of “states or groups that are state-sponsored,” because it cannot give details “without giving away information that would be helpful to these bad actors.”

Prominent activists including Zeng Jinyan (曾金燕), wife of dissident and Sakharov Prize winner Hu Jia (胡佳), have reported seeing the message on their Gmail accounts.

Xander Yang, assistant producer of France24′s Beijing Bureau, posted the notification on his micro-blog when he saw the warning in a pink banner on Gmail Wednesday evening.

[...]

Source:Shanghaiist

So now we know have answers to the question’s of where Google is getting its intelligence from.

Obviously, the CIA and the NSA are giving the information to Google.

Immediately arise questions of transparency and accountability since the legitimacy of the information the government is providing them of course can not be verified.

This is disturbing because not only is Google running a Psyop against China for the US government to further the campaign to overthrown the Chinese government but the Psyop is also serves the dual purpose of of providing legitimacy to the government created fable that state-sponsored cyber-attacks are real and unless we need let Big Brother watch everything we do on the internet in the name of Cyber-security the bogey man will get us.

This also gives us our first taste of what the CISPA cybersecurity legislation will look like.

Just as the corporate media acts as stenographers for the government echoing every word the government utters without question soon our telecommunication and internet security related firms do the same.

Acting on planted, fabricated and assassin intelligence reports these companies will be taking specific actions on digital networks again without question on the orders of the icy manipulators in our spook agencies.

Welcome to 1984. We have always been at war with China. China has always been at war with America. Big Brother is watching.

Source: Google Runs CIA ‘State-Sponsored Cyber Attacks’ PsyOp Against China ©
Copying or redistribution of this material requires that this license must remain intact with attribution to the content source.