Occupy Central

Cyberattacks against Occupy Central poll traced to mainland firms’ computers in Hong Kong

IT expert traces IP addresses, and blames the enterprises for up to 40pc of security breaches

PUBLISHED : Monday, 23 June, 2014, 5:30pm
UPDATED : Tuesday, 24 June, 2014, 2:47pm

Up to 40 per cent of cyberattacks on the website used to run Occupy Central's unofficial plebiscite on electoral reform came from computers registered to mainland firms in Hong Kong, said an IT expert who advised the poll's organisers.

But it was possible the firms were unaware their computers were involved, as they may have been controlled by hackers, said Young Wo-sang, convenor of the Internet Society of Hong Kong's security and privacy working group.

Dr Chan Kin-man, a key organiser of the civil disobedience movement - which has vowed to blockade Central if the government fails to offer a satisfactory reform proposal - said the findings had fuelled Hongkongers' worries that Beijing was the ultimate hacker of the system.

The 10-day so-called referendum, allowing Hongkongers to pick their preferred reform proposal from a shortlist of three, faced over 10 billion distributed denial-of-service attacks shortly after it launched for pre-registration on June 13, knocking the system offline for periods.

Young said many attacks appeared to have come from computers in Hong Kong registered to mainland firms. "After tracing the IP addresses, we have found that 30 to 40 per cent of them were registered by mainland enterprises," he said.

Cyberattack on Occupy Central poll is 'most sophisticated onslaught ever seen'

Young has been advising the University of Hong Kong's public opinion programme - commissioned by Occupy to handle the poll - on security. He said the poll team had passed its information to police and urged them to locate the real culprit.

Last night police said they were still investigating.

More than 720,000 votes have been cast, including 48,000 at 15 polling stations on Sunday.

In Beijing, a mainland official joined the debate, saying the voting system was unprofessional based on his first-hand attempts to cast a vote.

Zhang Hong, a researcher with the Cyber Security Research Institute under the Ministry of Industry and Information Technology, said he voted twice on Sunday despite not being a Hong Kong permanent resident. He said he logged on to the online voting system using a false Hong Kong address and two Hong Kong cellphone numbers with the help of a friend in the city, and two Hong Kong ID numbers generated online.

"The credibility of the voting system is doubtful due to the technical loopholes," he said.

Zhang said he had tried to vote online eight times and succeeded twice.

"The system makes it impossible to verify whether all the votes are from qualified voters."

He tested the system "out of curiosity", and concluded the poll result was contaminated.

"[The voting] is merely self-serving. It is interesting for those who have no technical background but left us professionals speechless," he said.

Zhang also questioned people who said the cyberattacks were from mainland companies.

"It is not difficult to remove one's footprint from the internet. The attacker could easily hide their identity and then launch the attack," he said. "It is far-fetched to accuse the mainland authorities."

In response, Chan said Occupy had tried to prevent any dishonest voting. "I am particularly concerned that even mainland officials have failed to realise that using others' identities is in fact an offence under the city's laws," Chan said.

He urged people to vote at polling stations if they feared their identities were being used dishonestly online.