Can we *prove* China is behind Operation Aurora?

Graham Cluley

Is it possible to prove that the recent hacks against Google, Adobe, and others were sponsored by the Chinese government?

It’s not that easy.

You see, although there’s unlikely to be anyone with a better motive for cracking into the email accounts of Chinese human rights activists, there’s a lot of difference between a good motive and a “smoking gun” of actual hard evidence.

Learn more in this video I just made:

[youtube=http://www.youtube.com/watch?v=cYJFScY6iYo&hl=en_GB&fs=1&]

Even if a computer involved in the attacks was found to be located inside a Chinese military base, that doesn’t necessarily mean that the attack was carried out with the knowledge of the Chinese authorities.

It could have been compromised by hackers in other countries. After all, think of all the spam you receive every day – that’s not sent by computers belonging to the spammers. Instead they’re from PCs that cybercriminals have commandeered and turned into a botnet for their own purposes.

As Chet has discussed over on his blog, some research has been published examining an algorithm used in the attacks, which does link it to a published Chinese research paper – but again, that doesn’t make it a hard fact that the People’s Liberation Army or Beijing government gave their blessing to the hack. All it tells us is that the hackers were probably comfortable reading Chinese.

So, yes, I do believe it’s more likely than not that China is involved in Operation Aurora. But I think we all need to be very careful before pointing fingers and stating it as fact.

You should take that as a warning to clean up the botnet computers in your own back yard, or it could be your country which is accused of launching an attack next.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
