Behind the China attacks on Google

Computer attacks on corporations happen all the time, but most companies don't publicize them. They fear damage to their reputation and they don't want to jeopardize the investigation or reveal any information that could be used in future attacks.

Google shocked the security community on Tuesday by disclosing that it and other companies had been hit by attacks that originated in China, with some targeting Gmail users who were human rights activists. As a result, the search giant said it would stop censoring its Web results in China and could end up exiting that market altogether.

Google hasn't released many details on the attacks or named any of the other companies, and sources seem to have only bits and pieces of information. Here's what CNET knows at this time.

What happened? Google said in a blog post on Tuesday that in mid-December it discovered a "highly sophisticated and targeted attack" on its corporate infrastructure originating from China that led to theft of its intellectual property. It said it discovered as part of its investigation that at least 20 other large companies, in the areas of Internet, finance, technology, media, and chemical, had been similarly targeted.

The attack on Google involved attempts to access the Gmail accounts of Chinese human rights activists, but only two accounts were accessed and the contents of e-mails were not exposed--only account information like the date the account was created, Google said.

Separately, Google discovered that accounts of dozens of Gmail users in the U.S., China, and Europe who are human rights advocates "appear to have been routinely accessed by third parties," not through a security breach at Google, but most likely as a result of phishing scams or malware placed on the users' computers, the company said.