Daily Archives: March 22, 2012

When Governments Hack Each Other: how to steal secrets and cover your tracks

The number of cyber attacks against Chinese websites surged in 2011, rising to 8.9 million computers affected, up from 5 million in the previous year, according to a report published by China Daily.  It claimed a total of 47,000 overseas IPs were involved in the attacks, with the majority located in Japan, US and South Korea.  The report, released yesterday by China’s National Computer Network Emergency Response Technical Team and Coordination Center (CNCERT), found 11,851 IP addresses based overseas had gained control of 10,593 Chinese websites in 2011.  “China has become the world’s biggest victim of cyber attacks,” Zhou Yonglin, director of CNCERT’s operation department, told People’s Daily.  The report claims Japan was the source of most attacks (22.8 percent), followed closely by the United States (20.4 percent) and the Republic of Korea (7.1 percent).  Attacks ranged from wiping servers and defacing websites to stealing personal and corporate data from Chinese web users.  Although it was discovered that many hackers used Trojan programs to steal personal data, Zhou said “money is not the sole motivation”, as in several cases the hackers had intended to access state networks and steal confidential government information.  To assist damaged private websites and maintain online security, the Ministry of Industry and Information Technology has launched several investigations, and authorities claim they prevented the spread of online viruses 14 times last year.

The People’s Republic itself has been accused several times of creating a cyber army for espionage purposes. In March last year, hackers with Internet addresses based in China launched an attack intended to steal files relating to the G20 summit held in Paris. The following October, two US satellites were discovered to have been hacked repeatedly, with evidence once again pointing at China. Then, in November, the US Office of the National Counterintelligence Executive singled out China and Russia as the most aggressive “collectors” of American secrets. In return, China had claimed 75,000 cyber attacks it repelled in 2010 originated from US IP addresses. It is important to note that the theoretical location of the IP address is by no means a guarantee that an attack was launched from a particular location. Hackers often use proxy servers to hide their identity, or take advantage of Tor’s anonymity network to cover their tracks.

Max Smolaks, China ‘World’s Biggest’ Cyber Attack Victim?, TechWeekEurope, Mar. 20, 2012