Attacks/Breaches
6/6/2013
01:14 PM
Connect Directly
RSS
E-Mail
50%
50%

China To America: You Hack Us, Too

Difference is China doesn't point fingers, says head of China's computer emergency response team, even though it has "mountains" of evidence that U.S. snoops.

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
Numerous online attacks against China have been traced back to U.S. servers. But unlike authorities in the United States, the Chinese government chooses to not point the finger, according to the head of the country's computer emergency response team.

"We have mountains of data, if we wanted to accuse the U.S., but it's not helpful in solving the problem," Huang Chengqing, the director of the National Computer Network Emergency Response Technical Team Coordination Center of China (CNCERT), told government-run media outlet China Daily Wednesday.

According to data published by CNCERT, in the first three months of 2013, 5.6 million systems in China were infected by malware tied to 13,400 command-and-control servers located overseas. Of those, more than half of infected systems -- 2.9 million PCs -- were controlled by about 4,000 command-and-control servers based in the United States. Meanwhile, 3,500 U.S. systems had been used to take over about 7,700 different websites located in China.

[ China has been blamed for a variety of intrusions. Read China Tied To 3-Year Hack Of Defense Contractor. ]

In the same timeframe, CNCERT reported that 54 U.S.-based IP addresses had "hijacked Chinese official websites to steal data," which according to China Daily included sites related to "government departments, key information systems and research institutions."

Despite the origin of the attacks, "it's hard to judge whether the U.S. government supported or got involved in the hacking," Huang said. "Besides, hackers can easily hide their real location and identities." As a result, he added, "technically it is irresponsible and unfounded for some people to talk about alleged hacking supported by the Chinese authorities." Huang's comments were published in advance of a two-day Chinese-American summit between President Obama and China's newly minted leader, President Xi Jinping, which is scheduled to occur this Friday and Saturday in California. His comments continue the People's Republic of China (PRC) party line, which is that the government isn't sponsoring espionage attacks against the United States.

The blame game against Chinese hackers has intensified in recent months. In February, a report from security firm Mandiant accused a Chinese army unit of having launched advanced persistent threat (APT) attacks against U.S. businesses. In March, Chinese Premier Li Keqiang rejected those accusations, saying that they amounted to a "presumption of guilt," and that "China does not support but indeed oppose such attacks."

But a confidential Department of Defense report from January 2013, portions of which were first published last month by The Washington Post, said that hack attacks attributed to state-sponsored Chinese attackers had been much more widespread than previously acknowledged, and had resulted in the compromise of data relating to cutting-edge military weapons systems and technologies that are critical to national security.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
humberger972
50%
50%
humberger972,
User Rank: Apprentice
6/10/2013 | 3:35:16 PM
re: China To America: You Hack Us, Too
stuxnet malware -
the country that came up with this - has zero rights to complain about the
activity of other countries. Stuxnet doesn't hack- it endangers people and destroys
infrastructure.... sorry but if you want the moral high ground - you have to
not be playing in the mud. Not to mention the other countries are probably
envious of Prism -- wishing their citizens were so passive they could get away
with that.
zerses
50%
50%
zerses,
User Rank: Apprentice
6/10/2013 | 12:59:25 AM
re: China To America: You Hack Us, Too
So we need a law that says we won't hack other entities that are legal entitites?

If we pass any law not to hack, China and every other country will NOT stop hacking - so now what?????????

Hey, WHITEHATS where the HECK are you?!
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5619
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

CVE-2012-5621
Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

CVE-2012-6107
Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2012-6110
Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

CVE-2013-1874
Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.