The initial post from Google last night.

Then, just moments later, Adobe released a very similarly-worded announcement stating that they had also been a victim of an attack as well.

Then, sort of an update, from Google with some additional snippets of information:

There appears to be a lack of clarity as to how pervasive this attack really was. For instance, the post on Google’s blog last night states the number “20″. A Bloomberg.com post stated this morning that there were 34 companies involved. Either way, the number of companies involved is mind-boggling.

Some additional commentary:

Evgeny Morozov has a great post/analysis over on Foreign Policy. I am not so sure I can come to the same conclusion given that he presupposes that China’s reaction to Google’s statement will be to simply shut Google.cn off. It may not come down quite like that.

Robert McMillan from IDG had great coverage that was carried in multiple places, like this article on PCWorld.

But I think the most telling snippet out of all of this is the statement issued by Hillary Clinton, Secretary of State, on the US Department of State website here. The reason I think this is the most telling is because the fact that the Secretary of State issues a statement basically saying to China “you’d better have a really really good explanation for this” is remarkable given the current state of the economic relationship between China and the US (I am going to refrain from providing my opinion on this). You don’t see something like this every day.

Finally, as a resource you might want to consider, Tim Mullen re-shared his informative article on how to block access to an entire country using Microsoft’s ISA server, on Full-Disclosure this afternoon.

Official Google Blog:”

A new approach to China
1/12/2010 03:00:00 PM

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinee human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.

We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve’s blog and this presentation on the GhostNet spying incident.

We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China’s economic reform programs and its citizens’ entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.

We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that “we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China.”

These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.”

“

FTA:

SecureWorks’ Recommended Information Security Guidelines:

* Security Risk Assessments – Performing regular security risk assessments will give your organization a much better understanding of the actual risks posed to your Protected Health Information (PHI) and Personally Identifiable Information (PII). This process will also look at the controls you have in place compared with regulatory requirements, and help you determine if there are any gaps. It will also give you an opportunity to compare your security posture with others in the industry. Recommendations made as a part of this process can be integrated into your overall information security program, keeping your security safeguards current, as well as helping your organization show diligence and a commitment to compliance.

* Intrusion Prevention and Detection Services (IPS/IDS) – The implementation of IDS and IPS enables you to detect and block attempts by cyber criminals to access data on your servers and your network. Proactive alerting mechanisms and monitoring services can notify you of attempted cyber attacks and allow you to respond in real-time as a component of your Information Security Program. It is much less costly, both from a monetary and reputational perspective, to prevent a cyber breach then to be faced with notifying affected individuals and the HHS, as required by the HITECH Act.

* Data Loss Prevention (DLP) – A DLP solution can help monitor your network traffic for possible leakage of PII such as social security numbers and PHI, such as Health Level 7 (HL7) codes (medical standards/procedures codes), etc.

* Log Monitoring – Log Monitoring centralizes and correlates audit logs from your applications and systems to allow you to identify improper access to sensitive patient data from internal or external sources. Proactive monitoring or regular reviews of logs is a key step in ensuring that your patient data is secure, as well as in meeting the short time-window required by the HITECH Act for notification of a breach.

* Web Application Security Testing and Web Application Firewalls – Web applications are becoming more common in healthcare environments. Due to their increasing role in the IT business environment and prevalence of security flaws, web applications are a frequent target of Internet hackers. Healthcare organizations and business associates should perform web application security testing regularly and when significant changes are made to the web applications in order to protect against current security threats. Also, the implementation of a web application firewall can help protect against emerging attacks being launched from cyber criminals.

* Encryption – Implementing strong encryption policies and technologies on mobile devices, laptops, portable storage and backup tapes is key to reducing your risks with regards to improper data disclosure.