Google China e-mail hack: FBI to investigate

Secretary of State Hillary Clinton "These allegations are very serious," Mrs Clinton told reporters in Washington

Related Stories

The FBI is investigating "serious" claims that hackers in China breached e-mails of top US officials, Secretary of State Hillary Clinton has said.

On Wednesday, Google said a campaign to obtain passwords was aimed at monitoring e-mail, and originated in Jinan, a city in eastern China.

The Chinese government on Thursday denied it was involved.

US government agencies have said no official email accounts were hacked and have released no further information.

"These allegations are very serious. We take them seriously. We are looking into them," Secretary of State Clinton said.

In a statement on an official company blog on Wednesday, Google said its security was not breached but indicated hundreds of individuals' passwords were obtained through fraud.

Chinese political activists and officials in other Asian countries were also targeted, Google said.

Foreign Ministry spokesman Hong Lei said China was working to crack down on global computer hacking, but he did not say whether the government would investigate Google's report.


Security experts say they are seeing an increase in these so-called spear phishing incidents in which attackers go after specific information or assets and aim at "high value individuals".

One consultant described it as an "epidemic", while another said such attacks are all too easy to perpetrate given the amount of information that lives on the internet about people - from their Twitter stream to their Facebook pages to sites that trace your family tree.

A smart attacker can assemble enough information to "influence and convince" a target that they are receiving a genuine email from someone they know.

"Allegations that the Chinese government supports hacking activities are completely unfounded and made with ulterior motives," Mr Hong said, according to the Reuters news agency.

The e-mail scam uses a practice known as "spear phishing" in which specific e-mail users are tricked into divulging their login credentials to a web page that resembles Google's Gmail web service (or which appears related to the target's work) but is in fact run by hackers, according to a an external blog report pointed to by Google.

Having obtained the user's e-mail login and password, the hackers then tell Gmail's service to forward incoming e-mail to another account set up by the hacker.

In Washington, the BBC's Adam Brookes says it is extremely difficult for analysts to determine whether governments or individuals are responsible for such attacks.

But the fact that the victims were people with access to sensitive, even secret information, raises the possibility that this was cyber espionage, not cyber crime, our correspondent says.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More US & Canada stories



Try our new site and tell us what you think. Learn more
Take me there

Copyright © 2015 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.