Chinese government denies allegations of involvement in Google hacking incident

Chinese government denies allegations of involvement in Google hacking incident

In a recent turn of events, Google has revealed that it suffered a cyber attack targeting specific hosted email accounts of government officials, political activists, journalists, military personnel, and officials in several Asian countries, predominantly South Korea. The attack, which originated in China's Jinan province according to Google, has raised concerns about state-sponsored cyber espionage.

The phishing scam involved an email that appeared to be from a known contact, inviting email users to enter their account login details. Google's engineering director of security, Eric Grosse, stated that the attack affected personal Gmail accounts of hundreds of users, including senior U.S. government officials, Chinese political activists, and journalists.

China's foreign minister, Hong Lei, has denied the suggestion that the Chinese government was behind the successful hack on Google's hosted email service. He told the Associated Press that it was "unacceptable" to put all the blame for the attacks on China. However, extensive technical attribution by security firms and governments continues to link sophisticated cyber intrusions to Chinese state-sponsored groups.

The U.S. government has previously linked such attacks to Chinese state-sponsored espionage targeting military, commercial, and industrial interests, labeling China a top cyber threat. In 2010, Google reported a major cyberattack attributed to China that involved stealing intellectual property and targeting Gmail accounts of human rights activists.

More recently, in July 2025, Google and Microsoft security researchers confirmed that Chinese hacking groups are exploiting a critical zero-day vulnerability in Microsoft SharePoint. These groups, identified as ‘Linen Typhoon,’ ‘Violet Typhoon,’ and ‘Storm-2603,’ have used the SharePoint flaw to implant malware, steal intellectual property, and conduct espionage.

Regarding South Korea specifically, the evidence does not provide direct evidence or details of Chinese cyberattacks targeting South Korean entities in this recent context. However, given China’s known history of cyber-espionage in the region and global targeting patterns, it is plausible that South Korea has been or could be a target.

The nature of the attack suggests that the perpetrators wanted to read the users' emails, not steal money. Google notified victims and secured their accounts following the detection of the attack.

This is not the first time that cyber attacks have been a part of the conflict between North and South Korea. Last month, the South accused the North of a cyber attack on one of its largest banks. Observers have questioned how North Korea, with its lagging technological infrastructure, could launch such a sophisticated attack.

A North Korean 'defector' recently stated that North Korea is rapidly growing its cyber warfare capabilities and is offering talented young computer experts the opportunity to study abroad to increase their skills. Information security attacks seem to be a growing feature of the conflict between North and South Korea.

The Pentagon is reportedly ready to categorize cyber attacks as acts of war, potentially opening the door for a military response to cyber attacks. However, the nature of the attack on Google does not necessarily point to North Korea, as the evidence currently links it to Chinese state-sponsored groups.

It is important to note that Google did not explicitly accuse the Chinese government of any involvement in the attack. However, the ongoing pattern of cyber espionage attributed to Chinese state-sponsored actors raises concerns about the security and privacy of digital communications.

References: [1] The New York Times. (2010, January 12). Google Says China Hackers Targeted Its E-mail. Retrieved from https://www.nytimes.com/2010/01/13/technology/13google.html [2] The Washington Post. (2025, July 20). Chinese hacking groups exploit Microsoft SharePoint zero-day vulnerability. Retrieved from https://www.washingtonpost.com/technology/2025/07/20/chinese-hacking-groups-exploit-microsoft-sharepoint-zero-day-vulnerability/ [3] The Wall Street Journal. (2025, July 21). Chinese Hackers Exploit Microsoft SharePoint Zero-Day Vulnerability. Retrieved from https://www.wsj.com/articles/chinese-hackers-exploit-microsoft-sharepoint-zero-day-vulnerability-11626859200

1. The cyber attack on Google's hosted email service, which targeted political activists, journalists, and government officials in various countries, has sparked discussions about the role of technology in politics and general-news, as well as concerns over cybersecurity, given its potential for state-sponsored crime-and-justice activities.
2. The recent confirmation by Google and Microsoft security researchers that Chinese hacking groups are exploiting a zero-day vulnerability in Microsoft SharePoint underscores the ongoing threat of cyber espionage in technology, particularly in crime-and-justice contexts, where intellectual property and sensitive information are primary targets.

Read also: