The China-based group said on Monday that the attacks targeted users of multiple email clients, including Microsoft‘s Outlook and Mozilla‘s Thunderbird, in a possible attempt to monitor or control online communications. The hackers used a technique commonly known as a “man-in-the-middle” (MITM) attack, which works particularly well against services that do not offer end-to-end encryption.
Chinese Internet users regularly face information suppression and website blocking from the government in Beijing, which operates a massive online censorship system known as the Great Firewall. Typically, the Chinese government targets information perceived as a threat to the authority of the ruling Communist Party.
A representative from GreatFire.org told Reuters that the attack likely came from the Cyberspace Administration of China (CAC), which oversees the government’s Internet regulation.
Late last month, Google‘s Gmail service was completely blocked in most of China. A Google spokesperson in Singapore confirmed that the disruption was not due to any malfunction on the company’s end, and the U.S. State Department encouraged the Chinese government “to be transparent in its dealings with international companies and to consider the market signal it sends with such acts.”
Google’s services in China have been subject to increased disruption since June 2014. Until recently, however, users were still able to access their accounts through programs such Microsoft Outlook via the widely used IMAP, SMTP and POP3 protocols.
Illustration by Jason Reed