谷歌聲明原文:有可能完全退出中國

【英文原文】

Google said it is 'reviewing the feasibility of our business operations in China' and may back out of China entirely, as it disclosed it had been hit with major cyberattacks it believes to have originated from the country. The following was posted on the official Google blog by David Drummond, SVP, Corporate Development and Chief Legal Officer:

A new approach to China

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident-albeit a significant one-was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses-including the Internet, finance, technology, media and chemical sectors-have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.

We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve's blog and this presentation on the GhostNet spying incident.

We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.

We launched in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that 'we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China.'

These attacks and the surveillance they have uncovered-combined with the attempts over the past year to further limit free speech on the web-have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on , and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down , and potentially our offices in China.

The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.

Posted by David Drummond, SVP, Corporate Development and Chief Legal Officer

【中文譯文】

就象其他許多知名組織一樣，谷歌也會經常面臨不同程度的網絡襲擊。在去年12月中旬，我們偵測到了一次來自中國、針對公司基礎架構的高技術、有針對性的攻擊，它導致我們的知識產權被竊。不過，事態很快變得明瞭，這個起初看似獨立的安全事件（儘管很嚴重）其實背後大有不同。

谷歌高級副總裁、公司發展兼首席法律顧問大衛•多姆德首先，並不是只有谷歌受到了攻擊。我們在調查中發現，至少20家、涵蓋領域廣闊的大型公司都成爲相似的攻擊目標，這些公司隸屬於互聯網、金融、技術、媒體和化學行業。我們現在正在向這些公司通報情況，並與美國相關政府部門展開合作。

第二，我們有證據顯示，攻擊者的首要目標是進入中國人權活動人士的Gmail賬戶。我們迄今爲止的調查結果讓我們相信，這些攻擊沒有達到預期目標。只有兩個Gmail賬戶被進入，而且其活動僅限於帳戶信息，比如帳戶何時創建、以及郵件標題，具體郵件內容未被染指。

第三，在與谷歌受攻擊無關的整體調查中，我們發現數十個在美國、中國及歐洲的中國人權活動人士Gmail帳戶經常被第三方侵入。入侵這些帳戶並非經由谷歌的任何安全漏洞，而很可能是通過在用戶電腦上放置網絡釣魚或惡意軟件。

我們已經運用從這些襲擊中獲得的信息改進了基礎設施和網絡結構，加大對公司和客戶的安全保障。對個人用戶而言，我們建議大家使用可靠的殺毒和反間諜軟件，安裝操作系統的補丁並升級網絡瀏覽器。在點擊即時信息和郵件中顯示的鏈接、或被要求在網上提供諸如密碼等個人信息時永遠要保持警惕。你可以點擊這裏閱讀谷歌提供的網絡安全建議。希望更多瞭解此類襲擊的人士可以閱讀美國政府提供的報告、納特•維倫紐夫(Nart Villeneuve)的博客以及有關間諜網絡幽靈網(GhostNet)的報導。

我們採取了非常規手段與大家共享這些網絡攻擊信息，其原因並不只是我們發現了其中的安全和人權問題，而是因爲這些信息直指言論自由這一全球更重大議題的核心。在過去20年中，中國的經濟改革和中國人的創業精神讓上億中國人擺脫了貧困。事實上，這個偉大的國家是當今世界許多經濟成就和發展的核心。

我們在2006年1月在中國推出了，因爲我們相信爲中國人拓展信息獲取、加大互聯網開放的裨益超過了我們因在網絡審查上做出讓步而帶來的不悅。當時我們明確表示，我們將在中國仔細監控搜索結果，並在服務中包括新的法律法規；如果我們認定自己無法實現上述目標，那麼我們將不會猶豫重新考慮我們的中國策略。

這些攻擊和攻擊所揭示的監視行爲，以及在過去一年試圖進一步限制網絡言論自由的行爲使得谷歌得出這樣一個結論，那就是我們應該評估中國業務運營的可行性。公司已經決定不願再對上的搜索結果進行內容審查，因此，未來幾周，公司和中國政府將討論在什麼樣的基礎上我們能夠在法律框架內運營未經過濾的搜索引擎，如果確有這種可能。我們認識到，這很可能意味着公司將不得不關閉，以及我們在中國的辦公室。

做出重新評估我們在華業務的決定是異常艱難的，而且我們知道這可能帶來非常深遠的影響。我們希望說明的一點是，該決定是由公司在美國的管理團隊做出的，而爲今日成功而付出了無比巨大努力的中國團隊對此毫不知情，也未曾參與。我們決心以負責任的方式來解決任何可能隨之產生的難題。