RegulationSecurityWorkspace

Chinese Internet Chief Hits Back At US Hacking Accusations

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

A top Chinese official says it is the US that is doing the hacking, and claims to have “mountains of data” to prove it

The finger pointing and name calling between American and Chinese officials over who is to blame for the cyber hacking between the two countries continues.

Ever since early 2010 when Google complained of Chinese hacking, the perception is that China bears responsibility for a large number of hacking attacks against western nations. However. a top Chinese official has fired back and claims he has “mountains of data” that shows the US has hacked Chinese systems.

Counter claims

The comments come ahead of a meeting later this week between President Barack Obama with Chinese President Xi Jinping, where the issue of Chinese large scale Internet-led espionage on US businesses and government departments is sure to be raised.

Last month China revealed it would carry out its first cyber war games as the war of words between the two nations increased. This came after Chinese hackers were accused of stealing more than 24 major weapons designs belonging to the US. The attackers allegedly made off with designs of the F-35 Joint Strike Fighter, believed to be the most expensive weapons system ever created, amongst other data.

America US China - Shutterstock © AquirBut this week a Chinese official responsible for the country’s internet security alleged that the US is not blameless over the hacking issue, and US officials should stop using the news media to constantly attack China over the matter.

He said that China has been the victim of serious hacking attacks, but Beijing had not blamed Washington or the Pentagon because such accusations would be “technically irresponsible”.

“We have mountains of data, if we wanted to accuse the US, but it’s not helpful in solving the problem,” said Huang Chengqing, director of the National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT) according to the government newspaper, the China Daily, on Wednesday.

“They advocated cases that they never let us know about,” Huang is quoted as saying. “Some cases can be addressed if they had talked to us, why not let us know? It is not a constructive train of thought to solve problems.”

CNCERT alleges that in the first five months of this year, 13,408 overseas Trojan horses or bot control servers – two popular hacking tools – hijacked around 5.63 million mainframes in China. Of those, 4,062 US-based control servers hijacked 2.91 million mainframes in China.

“However, it’s hard to judge whether the US government supported or got involved in the hacking. Besides, hackers can easily hide their real location and identities,” Huang said.

“So technically it is irresponsible and unfounded for some people to talk about alleged hacking supported by the Chinese authorities,” he said.

Huang said that CNCERT has in the past co-operated with the United States, receiving 32 Internet security cases from America in the first four months of 2013, and handling most promptly, except for a few that lacked sufficient proof.

American accusations

The Chinese denials are not unusual. The country has long denied it had anything to do with the hacking attacks against Western nations. In February for example, China claimed that IP addresses had been hijacked or spoofed, after security company Mandiant claimed to identified a secret wing of the People’s Liberation Army (Unit 61398) as being responsible some of the most notable recent hacking attacks against US targets.

And then in March China openly accused the United States of being behind ongoing attacks against it. China’s Ministry of Defense revealed that its website, along with the Chinese military website, have been subject to about 144,000 hacking attacks a month last year, two-thirds of which apparently came from the United States.

Meanwhile former US government officials have said the US should consider letting affected organisations hack back, in a report that claimed $300 billion (£199bn) was likely being lost every year because of IP theft, with between 50 and 80 percent of it stolen by Chinese hackers.

Meanwhile other American observers are openly calling for a full scale cyber war against China.

In 2011 the US Office of the National Counterintelligence Executive warned that Russia and China were the “most aggressive collectors” of US economic and technology secrets. And the Chinese have been caught red handed in the past hacking US targets.

In August 2011 security vendor F-Secure revealed that it had spotted actual video proof of Chinese hacking when it saw television footage of Chinese military systems hacking a US target. The footage of that alleged hack was seen during a Chinese military TV documentary, but the video was hastily removed when it became public.

What do you know about Internet security? Find out with our quiz!