LONDON (Reuters) - From the satellite pictures on Google Earth, Jinan looks like any other Chinese city — sprawling construction sites, massive factory blocks, apartment buildings, a university, dozens of railway lines and wide-open plazas.
But according to the Internet giant, somewhere in the city — the capital of China’s eastern Shandong province — are the computer servers used to try to steal the passwords of hundreds of Google e-mail account holders. They included senior U.S. officials, human rights activists and journalists.
Perhaps, experts say, it came from the “technical reconnaissance bureaus” of the People’s Liberation Army said to be based in the city. Perhaps it came from the technical college U.S. investigators linked last year to a previous attack on Google that prompted it to temporarily quit mainland China.
But it also could have come from a laptop computer in the bedroom of a freelance hacker motivated either by patriotic fervor, official suggestion or simply the hope of financial reward.
And it could have come from a computer in Jinan that was hijacked from a location outside China, where officials have angrily denied any involvement. Hacking, they say, is a global problem and they are just as much a victim as anyone else.
Cyber security specialists say the truth may never be known. If anything, they say what is unusual about the Google case is that it was even detected. But it was, and now it could spark a major new diplomatic incident between Washington and Beijing.
“This looks like a fairly crass attempt at intelligence-gathering,” said John Bassett, a former senior official at Britain’s signals intelligence agency GCHQ and now associate fellow at the Royal United Services Institute. “It’s incompetent in that the intruders were spotted quickly. The targeting looks wholesale and rather random ... It feels like an effort by B-team players that’s gone badly wrong.”
It’s the kind of situation that is likely to arise more and more in the years to come as governments and non-state actors alike — activists, criminal hackers, militants and more — vie for information, power and access in cyberspace.
With Western and emerging powers pouring billions into not just cyber defenses but also increasingly powerful electronic weaponry that could down essential national infrastructure, some worry events could one day spiral out of control.
The Stuxnet computer worm — widely believed to have been a state-backed attack on Iran’s nuclear program — showed how cyber weaponry could target and damage physical systems. The concern is compounded by the possibility of an attack being blamed on the wrong country.
“There is a risk of unintended escalation in cyberspace,” says Melissa Hathaway, a former senior U.S. official on cyberspace now working as a private consultant. “It’s very easy to mask where you’re coming from.”
No one has yet worked out what a proportional response might be to data theft, the apparent motive in the Google case — particularly given that national intelligence agencies have long secretly stolen information from each other.
But in its new cybersecurity doctrine, Washington says no options would be off the table if it were faced with a cyber attack that caused serious damage or cost lives.
“What the U.S. has said is that there are a number of ways in which you could respond to cyber attacks including economic measures and perhaps also military measures,” said US State Department coordinator for cyber issues Christopher Painter. “The most important thing is to build international consensus... it’s not just China that we need to engage with. It is an important part of our agenda with every country.”
The Google hacking attempt is the latest in a series of often sophisticated hacking cases, which have hit U.S. defense giant Lockheed Martin, entertainment giant Sony and others.
China, often the first to be blamed, says it is being unfairly accused by countries that are simply unhappy at how Chinese growth is swiftly eroding Western economic, military and geopolitical dominance.
Some experts say there is an element of double standards in play. Western states, particularly the United States and its allies, have long been occasionally suspected of using powerful signals intelligence agencies for diplomatic and business advantage. Nor have they eradicated cyber crime in their own backyards.
China, the United States and other powers all say they are trying to build consensus over how to deal with cybersecurity, anxious to avoid an unnecessary escalation in tension that could at worst fuel real-world conflict.
Contact between the United States and its allies on such issues is growing, albeit from a very low base. In a special report on cybersecurity last month, Reuters revealed for the first time secret proxy talks aimed at reducing tension.
This week in London, U.S. and Chinese officials spoke at a cybersecurity conference organized by the U.S.-based EastWest Institute. The think tank says it has been working at finding common ground between Washington and Beijing on tackling spam, a relatively noncontroversial area.
“Some people say building trust is impossible but it is getting better,” EastWest Institute president and CEO John Edwin Mroz said. “Last year they sent someone but it wasn’t an official. This year it was an official. Next year it should be someone even more senior.”
At the heart of the problem, experts say, is that technology has leapt far ahead of the policy debate. U.S. officials and others want at least some basic “rules of the road” clarified and accepted by all sides.
Nations, for example, might accept an obligation to investigate any attacks or criminal activity emanating from their territory. Failure to do so might be seen as partial admission of guilt.
All major powers have a vested interest in making sure systems are in place to avoid an instantaneous reaction to a cyber attack that could hurt everyone — and might encourage some players to try to start a conflict between others.
Security experts say there are already signs some Russian hackers are deliberately writing Chinese code into their programs to put investigators off the scent.
“We (all) have an interest in avoiding logic bombs in electric grids and we... have an interest in avoiding instant response which leaves us open to false flag attacks,” says Joseph Nye, professor of international relations at Harvard and a former senior official in the U.S. intelligence community, state and defense departments.
The most important thing, many experts say, is to start building the structures that allow for swift communication in the event of a crisis.. Otherwise, cyber disputes could increasingly undermine Sino-American ties.
“The increase in frequency and severity of these attacks is raising alarm bells,” says Ian Bremmer, president of political risk consultancy Eurasia Group. “Problems on cyber are beginning to leak into the strategic relationship (as) one of several big issues conspiring to derail what has been, to date, a reasonably well-managed relationship.”
Additional reporting by Louis Charbonneau; Editing by Warren Strobel and Cynthia Osterman