Update: The Financial Times is reporting that the writer of the code used in the infamous attacks on Google and other companies has allegedly been identified. The publication’s Joseph Menn writes:
A freelance security consultant in his 30s wrote the part of the program that used a previously unknown security hole in the Internet Explorer web browser to break into computers and insert the spyware, a researcher working for the US government told the Financial Times. Chinese officials had special access to the work of the author, who posted pieces of the program to a hacking forum and described it as something he was “working on”.
Original Article: The recent online attacks on Google (and other companies) that were widely publicized last month have now reportedly been traced to computers at two schools in China. In addition, investigators are now saying the attacks could have begun all the way back in April.
The attacks of course led to Google threatening to pull its business out of China, with the company believing that the Chinese government was involved. According to the New York Times, one of the schools recently discovered to be linked to the attacks has "close ties" to the Chinese military. The NYT reports:
If supported by further investigation, the findings raise as many questions as they answer, including the possibility that some of the attacks came from China but not necessarily from the Chinese government, or even from Chinese sources.
Tracing the attacks further back, to an elite Chinese university and a vocational school, is a breakthrough in a difficult task. Evidence acquired by a United States military contractor that faced the same attacks as Google has even led investigators to suspect a link to a specific computer science class, taught by a Ukrainian professor at the vocational school.
The names of the two schools are Shanghai Jiaotong University and the Lanxiang Vocational School.
Now that the attacks have been traced, you would think it would lead to some answers, but now they appear to be less certain if the government was directly involved (which is still a possibility, given that one of the schools is in a region named in an online warfare report (pdf) last year, as one of six where Chinese military would be able to conduct such an attack). It could have also been a student or a hi-jacking from another party altogether, even another country.
From the sound of things, they haven’t gotten much closer to figuring this thing out, despite a critical lead. There is a lot hanging in the balance of this case, and not just for Google’s future in China, but perhaps also international relations between the U.S. and China.
Google has not offered any comment on the matter, which is not surprising, as they have been relatively quiet about the situation since the company’s original announcement of the attacks. Earlier this month, however, there were reports that a consortium that includes Google would like to buy a 30 or 40 percent stake in Chinese firm Bus Media.