Scholars in China using the nation’s education network are being hacked by their own country when they conduct authorized Google searches, infosecurity reports.
China’s public Internet blocks Google altogether, but not the education network called CERNET. China figures its researchers need Google access to beat other nations in the global innovation race.
However, China still likes to exert some control over what researchers can see, as well as monitor what they are reading. China lost that ability this spring, when Google started encrypting searches, rather than transmitting queries in plain text.
To regain snooping and filtering powers, the country now redirects Internet traffic flowing to Google. Users think they are interacting directly with Google, when in actuality their searches are being relayed to Google by the government – and vice versa.
“In the lead up to the new school year, the Chinese authorities launched a man-in-the-middle (MITM) attack against Google,” anti-censor website Greatfire observes, referring to the nickname of the redirection tactic. “By placing a man-in-the-middle, the authorities can continue to provide students and researchers access to Google while eavesdropping or blocking selective search queries and results.”
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.
And find out even more on “NG Cybersecurity,” our new iPhone app.