China claims it is a victim of state-sponsored hacking from the US, not a perpetrator
China’s Ministry of Defense revealed on Thursday that its website, along with the Chinese military website, have been subject to about 144,000 hacking attacks a month last year, two-thirds of which apparently came from the United States.
“The Defense Ministry and China Military Online websites have faced a serious threat from hacking attacks since they were established, and the number of hacks has risen steadily in recent years,” ministry spokesman Geng Yansheng was quoted as saying by Reuters.
The comments were made at a monthly news conference, which was then posted on the ministry’s website.
“According to the IP addresses, the MND website and the China Military Online were attacked by overseas hackers for an average of 144,000-odd times per month in 2012, with 62.9 percent of these attacks originating from IP addresses in the US,” said Geng.
And Geng also noted reports that the United States planned to expand its cyber-warfare capability.
“The above-mentioned practices are not conducive to the joint efforts of the international community to enhance network security. The US side is expected to explain and clarify,” he said.
Geng also then denied allegations that China has soldiers engaging in cyber warfare.
The inclusion of “blue teams” in Chinese military drills is done to enhance the country’s ability to safeguard cyber security and is not related to conducting cyber attacks, said Geng. But he did admit that the PLA (Chinese army) was working extensively to upgrade its technological capabilities and improve its ability to maintain cyber security.
“Compared with military capabilities around the world, however, there is still a gap,” he said.
China is responding after security company Mandiant, which worked with the New York Times when it was recently hit by Chinese hackers – thought to be backed by the People’s Liberation Army. The security company identified a major hacking group known as APT1 as being behind the attack, by tracing their IP addresses back to networks near Shanghai.
It apparently identified a building on Datong Road as the source. This building is also reportedly the headquarters of Unit 61398, a secret wing of the People’s Liberation Army.
China was quick to deny the allegations, but then curiously argued that the IP addresses that were pointing to China as the source had been “hijacked” or “spoofed”. China also then also went on to dispute the legal definitions of what constitutes an actual cyber attack.
And now the country is saying that itself is a victim of hacking attacks from the United States, and is also using IP addresses as proof that the Americans are behind the bulk of the attacks.
China has long stood accused of being behind many cyber attacks, although it has repeatedly denied the accusations. In 2011 for example, the US Office of the National Counterintelligence Executive warned that Russia and China were the “most aggressive collectors” of US economic and technology secrets.
And in August 2011, security vendor F-Secure revealed that it had spotted actual video proof of Chinese hacking when it saw television footage of Chinese military systems hacking a US target. The footage of that alleged hack was seen during a Chinese military TV documentary, but the video was hastily removed when it became public.
Indeed, the hacking problem has now got so bad recently, that some are openly calling for a full scale cyber war against China, whilst others argue how to better engage online with China.
Are you a security expert? Try our quiz!