Geekday: Google, China, and Honor Among Thieves

In our own hemisphere, there is a disaster of such a vastness of destruction and suffering as will break the coldest, most Cheney-esque heart. So why are the mass media all buzzing over the Google-China confrontation? This time, I think there is substance to the sound…

The Chinese government’s malware attack on Google is a prominent manifestation of the growing plague of global cyber-espionage. Yesterday, PC World posted the best summary I’ve seen of what’s really behind it all (also see the update at the end of this post):

Google, by implying that Beijing had sponsored the attack, has placed itself in the center of an international controversy, exposing what appears to be a state-sponsored corporate espionage campaign that compromised more than 30 technology, financial and media companies, most of them global Fortune 500 enterprises.

The U.S. government is taking the attack seriously. Late Tuesday, U.S. Secretary of State Hillary Clinton released a statement asking the Chinese government to explain itself, saying that Google’s allegations “raise very serious concerns and questions.”

Indeed they do. Note that, in addition to Google, some 30 companies and their Internet properties were attacked, and that, as one security expert asserted, this was not the first time. In other words, let’s not give credit where it isn’t due: this story is not about Google suddenly donning its “do-no-evil” halo in defense of Chinese human rights activists — this is bigger, deeper, more ominous than that. This is a direct assault on corporate property — web servers, mail servers, and proprietary corporate information. For a technology company, this is the equivalent of burning the factory or robbing the vaults. Nothing less would make a corporation like Google risk the loss of such a vast — and vastly profitable — source of business. China has crossed a line that the most aggressive and corrupt of American corporations won’t touch.

In corporate America, companies will pass cheap slurs against one another; they will sometimes attempt to steal away key personnel from one another, as many of AIG’s competitors did in late 2008 amid that company’s most vulnerable months (don’t tell me it didn’t happen, I saw it happen, and I know details about how it happened); they will even try to worm out insider information on their competitors’ products, customers, and resources. But I am not aware of an instance of one firm’s IT people directing a viral or malware attack against another company’s servers or web properties. Even the criminality of American corporations has its limits; there is indeed a code of honor among thieves.

The proof is in the reaction, not just of Google, but of its competitors. Yahoo came out in support of its arch enemy in the search battleground. The Chinese attack is not merely an assault against human rights activists or a single corporation; it is a deep strike against the foundation of enterprise. It is a bald and arrogant government-sponsored attack on business. Remember that even the Bush administration, when it wished to violate our Constitution and conduct domestic surveillance on Americans, didn’t hack the servers of the ISPs — they went to the companies and asked (often, it must be added, with an arm-twisting approach).

China is relatively new to the game of multinational geopolitical capitalism. It will have to learn that, while you can export poisoned food and defective products (our companies do it too), or callously manipulate currencies and exchange rates to tilt the field of battle in your own favor; you cannot expect to get away with the direct theft of IP, for that is a destructive blow to the very field on which the game is played.

In any event, this will be a story to watch unfold, because it will tell us something about the limits of international espionage in a new century, a new era; it will shed new light on the soft underbelly of capitalism and the honor among thieves.
___________________________________________

Update: Today, C-Net provides its review of the Google incident, with further detail on the other companies affected and some of the dynamics of the attack. It’s fairly sobering stuff — especially this quote:

“The IP addresses used to launch the attacks are known to be associated with previous attacks from groups that are either directly employed agents of the Chinese state or amateur hackers that are proxies for them that have attacked other U.S. companies in the past.”
–Eli Jellenc, head of international cyberintelligence, iDefense