The Western media are again ramping up attacks on China over the Google hacking incident. On February 18, the New York Times (NYT) named Shanghai Jiaotong University and Lanxiang Vocational School in Shandong as sources of last December's phishing attacks on Google, Adobe and other US companies.
How credible are the allegations?
While the NYT simply cited anonymous sources close to the investigation, a subsequent Guardian article identified them as from the US National Security Agency (NSA).
One would have thought that, having been led up the garden path on Iraq, journalists would no longer treat anonymous leaks from intelligence agents with such breathless credulity. But unfortunately the quest for an eye-catching headline often trumps doubts about a story.
In a February 21 follow-up article, the NYT cited Scott J. Henderson, author of a book on Chinese hackers, without informing readers that he is a former US military intelligence officer who was once stationed in Beijing, or that his book, Dark Visitor, is available free for download on the Internet.
Cooking and hairdressing
The suggestion that Lanxiang was a source of the Google attacks was greeted with widespread ridicule in China. One of many large, privately-owned vocational schools in China, it mainly offers courses in cooking, hairdressing and auto repair. Its computer classes cover basic word processing, spreadsheets and Photoshop. Like other schools in the sector, Lanxiang relies heavily on TV advertising to attract students but blog posts from former students complain of high fees, poor quality teaching and general chaos.
It is possible a secret hacker unit from Chinese intelligence is located in or using the school. But if so, it must count as the most bungling, Keystone Cops-style outfit in the history of spying.
Why wouldn't China put investigators off the scent by mounting the attacks from abroad? Surely Chinese intelligence could recruit one or two of the 200,000 students who leave China every year to study overseas. Or send an agent abroad for a week to hack Google and bring the results back on a memory stick. Are Chinese spies really dumb enough leave their digital fingerprints all over the Internet for the men in black to pick up?
During the whole Google affair overexcited journalists have been briefed on the one hand by anonymous spooks, and on the other, by computer consultants enjoying their day in the limelight, and for whom the publicity is gold dust.
Almost nobody is putting the issue in perspective by asking obvious questions such as: Was there a serious security breach? It seems not. How long have similar attacks been going on? The answer is probably for years. What were Google's motives in making this attack public? It will have done them no harm to polish up their "do no evil" image at a time when they are under fire from all sides on privacy issues. Who else is doing similar things? Almost certainly they include the intelligence services of every major power, as well as freelance hackers and "non-state actors".
But perhaps we are looking in the wrong direction. The real story may be America's cyber warfare buildup.
During his election campaign, Barack Obama said "As president, I'll make cyber security the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset and appoint a national cyber adviser who will report directly to me."