US 'responsible for more than half of cyberattacks on China'

Report says hackers targeted more than a million servers on mainland, controlled websites and breached networks of government agencies

PUBLISHED : Tuesday, 12 March, 2013, 12:00am
UPDATED : Tuesday, 12 March, 2013, 5:56am

The United States was the origin of more than half the successful cyberattacks on the mainland in the first two of months of this year, a central government internet security agency says.

A total of 2,194 servers in the US hacked into and controlled about 1.29 million servers on the mainland in less than 60 days.

This was more than the total of attacks from all other countries combined, Xinhua reported, citing figures from the National Computer Network Emergency Response Co-ordination Centre.

Hackers from the US also controlled more than 3,500 mainland websites in the first two months of the year, nearly nine times more than those controlled by Japanese hackers, Xinhua added.

The e-mail server of was hacked and planted with a Trojan virus on February 24 and the website of People's Daily, was attacked for nearly two hours on January 28. The websites of more than 85 government agencies were also breached between last September and the end of last month.

Nearly half of the attacks were controlled by servers in the US.

Xinhua's report follows a report by US internet security firm Mandiant last month that traced the origin of global cyberattacks to the Chinese military.

Mandiant said most of the attacks originated from a People's Liberation Army building in Shanghai.

The Mandiant report echoed a US intelligence report in 2011 that held the Chinese government responsible for the most active and persistent cyberespionage targeting America.

This prompted some US congressmen to urge the Obama administration to take action.

Tang Wei , senior engineer with Rising, the mainland's biggest anti-virus and internet security company, said the crossfire between China and the US could be a sign that the two powerful countries were scaling up their cyberwar preparations.

The cybersecurity industry has closely monitored the role of governments in cyberattacks, and was surprised by the rapid development in recent years, Tang said.

Rising is working closely with cybersecurity firms in other countries to capture and analyse emerging viruses. It agreed with its overseas partners that some super-viruses were now so sophisticated, so costly to produce and their attacks so purposeful that they had to be created by a government, Tang said.

Stuxnet in 2010 and Flame last year were two examples.

"We have never seen such monsters before, their codes completely different from those written by individuals or companies for fun or for money," he said.

Flame, suspected to have been created by Israel and the US, infiltrated Iran to slow down its nuclear programme.

But that could be only the beginning of international cyber-warfare, Tang said. "If the US and China come to war, they may develop and use some even more destructive viruses, something equivalent to nuclear bombs," he said.

Such cyberweapons of mass destruction would not target individual citizens, but could bring down power grids, civil aviation, high-speed rail systems and communications networks and bring a country to a standstill.

With the deepening integration of the internet in everyday life, the "confrontation between governments will likely increase and intensify", Tang said.

"People must be aware and be prepared."