As if the story of the Chinese cyber-attack wasn’t convoluted enough already, there’s still more news coming out. As Google was investigating the attacks it became apparent they were not the only victims. Upon discovering that Yahoo was targeted, Google reached out to “share knowledge”. It seems that Yahoo was aware of the attacks prior to Google contacting them, but chose to remain tight-lipped.
In the wake of the sophisticated attack, many of the victims are keeping their involvement secret. This is most likely to avoid demonstrating their vulnerability to the world at large. Several companies have, however, disclosed that they were affected by the attacks. Included in this group are Adobe, Juniper Networks, and Rackspace. Yahoo said in a statement that it is not their policy to disclose information relating to attacks on their systems. It remains unclear if Yahoo knew that the incident affected other companies. It’s possible their investigation was not as thorough as Google’s.
Yahoo has a history of cooperation with the authorities in Bejing. Activist groups have been outraged when, on several occasions, Yahoo handed over details on Chinese dissidents to the government. Should companies like Yahoo come clean and discuss the attacks?