Hong Kong cyber attacks spiked during Occupy Central, academic's study finds
Huge cyberattacks in the past few months were triggered by political events and involved hackers sympathetic to both the city's main political camps, a University of Hong Kong study has found.
The academic behind the study said one attack on democracy supporters involved up to 10,000 computers around the world. Attacks on the government were less sophisticated but were "destructive and difficult to avoid", said Dr Chow Kam-pui, an associate professor of computer science.
Chow said his study identified sudden spikes in cyberattacks aimed at stealing the personal information of people involved in last year's Occupy Central pro-democracy protests, and in attacks on government websites.
"While there were vigorous clashes between the protesters and police officers on the streets in Hong Kong, a cyberwar started silently," Chow said at a HKU forum. "There are always cyber-attacks. But it seems the number can surge in a very short period of time, with specific targets, whenever there are political events."
Chow's study covered all major cyberattacks since June last year. The attacks targeted servers, websites, social media, personal computers and smartphones - but all seemed to be related in some way to the political landscape, as democracy campaigners took to the streets to demand open nominations for the 2017 chief executive election.
Hackers made several attempts to plant spy programmes on the smartphones and computers of Occupy protesters, Chow said. He traced one such attack - distributed via the WhatsApp messaging service and disguised as a programme "designed … for the coordination of Occupy Central" - to an account on QQ, a mainland-made messaging service.
Websites linked to the movement were also targeted while Next Media, owned by pro-democracy tycoon Jimmy Lai Chee-ying, faced constant attacks. Such attacks took "high levels of technical skill", Chow said.
The biggest such attack - an attempt to paralyse the infrastructure used in a poll organised by Occupy in June - saw more than 10,000 computers around the world mobilised for a so-called "distributed denial-of-service" attack. It was clearly well-planned and involved professionals, Chow added.
The government and its supporters also faced attacks during Occupy. The global hacking collective Anonymous vowed to target the city after tear gas was used on protesters, and more than 70 websites were attacked. Those forced offline included sites belonging to the anti-Occupy Silent Majority and the city's biggest political party, the Democratic Alliance for the Betterment and Progress of Hong Kong.
But Chow said the 11 Hongkongers arrested over the attacks were more likely amateurs, who used software they had downloaded from Anonymous.
"This attack can be implemented with little technical skill because the service can be easily purchased or downloaded," he said. "The attack is always destructive and difficult to avoid. It can be implemented on any target, any time and anywhere."