Chinese Hackers Breach Google to Expose US Spy Data

Chinese hackers accessed “years’ worth of US law enforcement and intelligence data” when they breached Google’s servers in 2010, according to a new report.

At the time, Google publicly stated the attackers were seeking information on “human rights activists.” US officials, however, maintained the intruders were after a sensitive database. That discrepancy triggered tensions between Google and the FBI, with critics arguing Google had downplayed the possibility that a critical government database had been compromised.

New details suggest the attackers may have targeted Gmail accounts to discover who had been flagged for surveillance by US authorities. By examining targeted users’ email communications and contacts, the intruders could identify persons of interest and potentially uncover ongoing investigations.

David Aucsmith, director of Microsoft’s Institute for Advanced Technology in Governments, offered context on the attackers’ motive. “If you think about this, this is brilliant counterintelligence,” he said. “You have two choices: if you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way.”

“Presumably that’s difficult,” Aucsmith continued. “Or you can break into the people that the courts have served paper on and see if you can find it that way. That’s essentially what we think they were trolling for, at least in our case.” His comments suggest the breach was a deliberate effort to triangulate which individuals were under government scrutiny by accessing third-party communications.

The incident highlights a persistent reality: both the United States and China publicly condemn cybercrime, yet both remain central to major cyber incidents. Recent reports found the US to be the world’s largest purchaser of offensive cybertools, while China accounted for roughly 41 percent of global attack traffic—figures that underline how deeply state and non-state actors are embedded in the digital conflict landscape.

Domestically, another controversial report revealed the FBI monitored users of a paid DDoS-for-hire website through a backdoor. The site’s owner, Justin Poland, told a KrebsOnSecurity reporter that the FBI allowed his site to remain online in exchange for logs, raising questions about law enforcement’s methods and the ethics of such partnerships.

Meanwhile, in what some called a tit-for-tat media response, TelecomsTech reported in October that Chinese telecom equipment manufacturers Huawei and ZTE faced allegations including bribery and corruption, immigration violations, and the use of pirated software. Those accusations further strained diplomatic and commercial relations, feeding debate over supply chain security and national risk from foreign technology providers.

These episodes raise broader questions about cybersecurity and international norms. Should cyber operations be governed by formal treaties and treated with the same severity as conventional warfare? As states expand offensive and defensive cyber capabilities, establishing clear norms, accountability, and transparency becomes increasingly urgent to reduce escalation and protect civilian infrastructure.

What do you think about the state of government cybersecurity? Is it time to codify rules and responses, and hold nations to standards that reflect the strategic and civilian impact of cyber operations?