Google's security team eventually managed to gain access to a server that was used to control the hacked systems, and discovered that it was not the only company to be hit.
This appears to be new and interesting information.
If it was government, why would they risk hacking more than one company from the same machine?
Edit: Seems more likely that the anti-hack claim is bs, as other comments are suggesting Google employees did the hacking from within the office. This would suggest the attacks against the other companies were on Google-run apps used by those companies.
If you go to Nart Villeneuve's blog http://www.nartv.org/, which Google's blog post linked to, he's got a cool pdf on tracking GhostNet (Chinese government cyber-espionage network). The command and control servers that were discovered in earlier attacks do in fact operate this way.
In tracking Chinese infiltration of the Tibetan movement, they discovered compromises in various embassies and other organizations in countries all over the world.
I agree. Given the information that was available yesterday, this all seemed very plausible. As more and more becomes available, it seems less and less likely to be the government.
Chinese government hackers are not script kiddies. They would not make that mistake, even in the made for TV movie. Chinese, indeed ANY, national intelligence agency is well resourced.
My guess is that either a lot of information coming out about this right now is being made up by people with no verifiable knowledge of the matter, or there is something that Google is not telling us. Could be both, but I'd put money on internet based know-nothing loudmouths.
Could have just been redundancy built into the command-and-control network. If you're running a huge spying program... why not? It's a lot easier for regular traffic to/from a google IP address to avoid attention than traffic to/from a personal cable modem.
And just saying what Google has said, the way they've said it, is pretty much the end of their business in China. It would take something like a glastnost event or revolution for things to change course now.
That's an awfully high a price to pay unless you're pretty damn sure the government is directly responsible, or protecting those that are.
they did manage to get some "account information (such as the date the account was created) and subject line."
That's because they apparently were able to access a system used to help Google comply with search warrants
This implies that Google handles gov't requests for information through a filtered system that can only access meta-data. If this is true, I appreciate that protection.
Awesome. It looks like a mod here changed the title for HN. The original article has a misleading title reading "China: Google attack part of widespread spying effort".
This appears to be new and interesting information.