Attacks/Breaches
6/6/2013
01:14 PM
50%
50%

China To America: You Hack Us, Too

Difference is China doesn't point fingers, says head of China's computer emergency response team, even though it has "mountains" of evidence that U.S. snoops.

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
Numerous online attacks against China have been traced back to U.S. servers. But unlike authorities in the United States, the Chinese government chooses to not point the finger, according to the head of the country's computer emergency response team.

"We have mountains of data, if we wanted to accuse the U.S., but it's not helpful in solving the problem," Huang Chengqing, the director of the National Computer Network Emergency Response Technical Team Coordination Center of China (CNCERT), told government-run media outlet China Daily Wednesday.

According to data published by CNCERT, in the first three months of 2013, 5.6 million systems in China were infected by malware tied to 13,400 command-and-control servers located overseas. Of those, more than half of infected systems -- 2.9 million PCs -- were controlled by about 4,000 command-and-control servers based in the United States. Meanwhile, 3,500 U.S. systems had been used to take over about 7,700 different websites located in China.

[ China has been blamed for a variety of intrusions. Read China Tied To 3-Year Hack Of Defense Contractor. ]

In the same timeframe, CNCERT reported that 54 U.S.-based IP addresses had "hijacked Chinese official websites to steal data," which according to China Daily included sites related to "government departments, key information systems and research institutions."

Despite the origin of the attacks, "it's hard to judge whether the U.S. government supported or got involved in the hacking," Huang said. "Besides, hackers can easily hide their real location and identities." As a result, he added, "technically it is irresponsible and unfounded for some people to talk about alleged hacking supported by the Chinese authorities." Huang's comments were published in advance of a two-day Chinese-American summit between President Obama and China's newly minted leader, President Xi Jinping, which is scheduled to occur this Friday and Saturday in California. His comments continue the People's Republic of China (PRC) party line, which is that the government isn't sponsoring espionage attacks against the United States.

The blame game against Chinese hackers has intensified in recent months. In February, a report from security firm Mandiant accused a Chinese army unit of having launched advanced persistent threat (APT) attacks against U.S. businesses. In March, Chinese Premier Li Keqiang rejected those accusations, saying that they amounted to a "presumption of guilt," and that "China does not support but indeed oppose such attacks."

But a confidential Department of Defense report from January 2013, portions of which were first published last month by The Washington Post, said that hack attacks attributed to state-sponsored Chinese attackers had been much more widespread than previously acknowledged, and had resulted in the compromise of data relating to cutting-edge military weapons systems and technologies that are critical to national security.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
humberger972
50%
50%
humberger972,
User Rank: Apprentice
6/10/2013 | 3:35:16 PM
re: China To America: You Hack Us, Too
stuxnet malware -
the country that came up with this - has zero rights to complain about the
activity of other countries. Stuxnet doesn't hack- it endangers people and destroys
infrastructure.... sorry but if you want the moral high ground - you have to
not be playing in the mud. Not to mention the other countries are probably
envious of Prism -- wishing their citizens were so passive they could get away
with that.
zerses
50%
50%
zerses,
User Rank: Apprentice
6/10/2013 | 12:59:25 AM
re: China To America: You Hack Us, Too
So we need a law that says we won't hack other entities that are legal entitites?

If we pass any law not to hack, China and every other country will NOT stop hacking - so now what?????????

Hey, WHITEHATS where the HECK are you?!
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.