[ISN] MOD website still under intense attack

From: InfoSec News <alerts_at_private>
Date: Wed, 17 Mar 2010 00:20:14 -0600 (CST)


BEIJING - A chief editor with the official website of China's Ministry 
of National Defense (MOD), www.mod.gov.cn, said Tuesday the site still 
receives thousands of overseas-based hacking attacks everyday after more 
than six months of trial operations.

"Although the number of hacking attacks has declined since the first 
month of trial operations, we are still attacked by Internet hackers 
everyday," Ji Guilin, chief editor of the ministry's website, told 

However, Mr. Ji refused to release a specific total number of hacking 
attacks so far or the major sources or origins of those attacks due to 
the sensitive nature of the issue.

But he said most of the overseas visitors to the website's Chinese pages 
were tracked to IP addresses registered in the U.S., Australia, 
Singapore, Japan and Canada. While most of the overseas visits to the 
English pages were tracked to the U.S., Australia and the United 

The MOD website was unveiled in August last year, an effort, in many 
analysts' views, by the Chinese government and the 2.3-million-strong 
People's Liberation Army (PLA) to increase military transparency.

Ji said the website experienced more than 2.3 million attacks by hackers 
within its first month of operation, most of which attempted to 
penetrate the site's computer systems and change its homepage.

The website's claims of Internet hacking attacks echoed a military 
official's comment last month on allegations of the Chinese government's 
involvement into cyber attacks on foreign companies.

Defense Ministry spokesman Huang Xueping said Chinese networks, 
especially the military information network, had been a major target for 
Internet hackers.

The uniformed officer's remark came after former U.S. intelligence 
officials said the Chinese military was recruiting Internet hackers to 
break into U.S. government and company computer networks.

Prof. Tan Kaijia, of the PLA's National Defense University, told Xinhua 
that Chinese military facilities had been targeted by hackers who tried 
all means to tap into their Internet-wired computers.

Although the PLA's internal computer network is physically isolated from 
other networks, new technical tools have allowed spies to wirelessly 
sneak into an electronic device or facility.

"Technically speaking, there is always the possibility of hacking a 
network from thousands of miles away if it is connected to the Internet, 
whether or not it has a firewall," Senior Colonel Tan said.

"The alleged Chinese military-backed hacking of US sites proves that 
they did not understand the PLA's functions and missions," said Tan, who 
specializes in military equipment and logistics.

Tan revealed that so far the PLA has not constituted a cyber warfare 
unit, saying the allegation was mystifying and merely an excuse for the 
U.S. to strengthen cyber warfare technologies.

"Scenarios of different versions of Chinese hacking have not been rare, 
since the US is developing its own cyber warfare powers and 
overestimated the abilities of Chinese Internet users," he said.

Last year, accusations of Chinese hacking into the U.S. Department of 
Defense network emerged in the U.S. media just before the Pentagon 
announced the establishment of the new U.S. Cyber Command, which is 
subordinated to the U.S. Strategic Command and responsible for 
coordinating computer-network defense and cyber-attack operation.

"The PLA has academic researchers on information warfare, but is not 
capable of conducting actual cyber-attack operations. Chinese laws 
prohibit any forms of cyber-attack.

"Nor is the PLA allowed to hire civilian hackers, and hacking foreign 
government and company networks has nothing to do with the PLA's 
missions." Tan said.

Civilian networks in China seemed much more vulnerable to hackers. As a 
result, the Ministry of Industry and Information Technology Monday 
issued a nationwide plan to safeguard the security of domain name 
systems for government websites and vital networks amid surging Internet 
security threats and risks.

Last week, police in central China's Hubei Province destroyed the 
country's biggest hacker training organization and arrested three people 
who were suspected of running the Black Hawk Safety Network.

The network was suspected of offering online hacker tools, a crime that 
was listed in China's Criminal Law last year.

Statistics from the National Computer Network Emergency Response 
Technical Team/Coordination Center (CNCERT/CC) reveal about 262,000 
Chinese computers were hijacked by Trojan programs tracked to overseas 
IP addresses in 2009. The top source of the programs, 16.61 percent, 
were computers based in the United States.

The number of Chinese computers controlled by botnets in 2009 was 
837,000. A total of 19,000 overseas-hosted addresses, of which, 22.34 
percent were from the U.S., participated in controlling the Chinese 

Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
Received on Tue Mar 16 2010 - 23:20:14 PDT

This archive was generated by hypermail 2.2.0 : Tue Mar 16 2010 - 23:31:20 PDT