Huge cyberattack on China was lone hacker, official claims

Experts express doubt after internet security boss claims amateur in Qingdao detained for huge strike on servers

PUBLISHED : Wednesday, 25 September, 2013, 12:00am
UPDATED : Wednesday, 25 September, 2013, 2:27pm

The biggest ever cyberattack on Chinese domain servers last month was carried out by a lone hacker, according to a government official responsible for internet security.

The explanation offered by the official shocked mainland internet security experts, with many highly sceptical of the story. Beijing last month reported what it described as the biggest ever cyberattack on Chinese domain servers - those domain names ending with ".cn"

Wang Minghua, an operating officer with the National Computer Network Emergency Response Co-ordination Centre of China, was quoted by Sina Technology on Monday as saying a suspect in Qingdao , Shandong province, had been detained.

Wang said the hacker used a real IP address - suggesting he had to be an amateur. Wang said the man wanted to bring down a game server but mistakenly attacked government servers hosting the country's domain.

The co-ordination centre declined to provide more information when contacted by the South China Morning Post.

Wang's claim contradicts an earlier official statement. Two weeks ago, Li Xiaodong, executive director with China Internet Network Information, told the People's Daily the attack was launched "by a group of hackers for commercial interest".

The attack, Liu said, was launched through a large number of zombie computers - machines controlled remotely by hackers which allowed them to hide their identities.

In last month's attack, traffic flow to the domain servers - mostly government or official websites - increased nearly 1,000 times in less than two hours, forcing down many websites.

Liu Qing, a cybersecurity expert in Shanghai, said a single hacker could not have pulled off such an attack.

"Last month's attack could have cost more than a hundred thousand yuan, if it was launched by a hacker in China," Liu said.  "I don't think an amateur hacker could afford that."