Internet Security Unchanged By Chinese Attack, Says Microsoft’s Ballmer

The latest round of cyber-attacks reportedly from China have not fundamentally changed the security environment on the Internet, said Microsoft CEO Steve Ballmer, though Google has threatened to shut down its Chinese operations in response.

The cyber-attack, which was aimed at the Gmail accounts of several Chinese human rights activists, and also apparently attempted to penetrate the IT infrastructure of a number of US companies, appears to have used vulnerabilities in Microsoft’s Internet Explorer, according to security vendor McAfee..

Microsoft is emphasising that none of its email systems were hit in the attacks: “We have no indication that any of our mail properties have been compromised,” a Microsoft spokesperson told eWEEK on 14 Jan.

Microsoft CEO Steve Ballmer suggested that such cyber-attacks are a matter of course on the modern Web. “Every large institution is being hacked,” Ballmer told the Financial Times, in a quote later confirmed to eWEEK by the company. “I don’t think it’s a fundamental change in the security environment on the Internet.”

Microsoft reportedly has no plans to pull its operations out of China, having already been criticised last year when its Bing search engine’s image search apparently returned pro-Chines government results. 

Google said at least 20 other companies were the targets of cyber-attacks originating from within China. In the wake of the assault, Secretary of State Hillary Clinton reportedly said, “We have been briefed by Google on these allegations, which raise very serious concerns and questions. We look to the Chinese government for an explanation.”

Another US government official, Commerce Secretary Gary Locke, also raised the issue of security for companies operating in conjunction with China.

“The recent cyber-intrusion that Google attributes to China is troubling to the US government and American companies doing business in China,” Locke said in a statement. “This incident should be equally troubling to the Chinese government. The administration encourages the government of China to work with Google and other US companies to ensure a climate for secure commercial operations in the Chinese market.”

Despite the publicity surrounding the attacks and Google’s possible withdrawal from China, Google has continued to assert that the cloud-computing model is fundamentally sound.

“This was not an assault on cloud computing,” Google Chief Legal Officer David Drummond wrote in a post on the company’s official blog. “It was an attack on the technology infrastructure of major corporations in sectors as diverse as finance, technology, media and chemical. The route the attackers used was malicious software used to infect personal computers.”

Drummond added: “Any computer connected to the Internet can fall victim to such attacks. While some intellectual property on our corporate network was compromised, we believe our customer cloud-based data remains secure.”