China ‘World’s Biggest’ Cyber Attack Victim?

The number of cyber attacks against Chinese websites surged in 2011, rising to 8.9 million computers affected, up from 5 million in the previous year, according to a report published by China Daily.

It claimed a total of 47,000 overseas IPs were involved in the attacks, with the majority located in Japan, US and South Korea.

Cold cyberwar

The report, released yesterday by China’s National Computer Network Emergency Response Technical Team and Coordination Center (CNCERT), found 11,851 IP addresses based overseas had gained control of 10,593 Chinese websites in 2011.

“China has become the world’s biggest victim of cyber attacks,” Zhou Yonglin, director of CNCERT’s operation department, told People’s Daily.

The report claims Japan was the source of most attacks (22.8 percent), followed closely by the United States (20.4 percent) and the Republic of Korea (7.1 percent).

Attacks ranged from wiping servers and defacing websites to stealing personal and corporate data from Chinese web users.

Although it was discovered that many hackers used Trojan programs to steal personal data, Zhou said “money is not the sole motivation”, as in several cases the hackers had intended to access state networks and steal confidential government information.

To assist damaged private websites and maintain online security, the Ministry of Industry and Information Technology has launched several investigations, and authorities claim they prevented the spread of online viruses 14 times last year.

People’s Republic itself has been accused several times of creating a cyber army for espionage purposes. In March last year, hackers with Internet addresses based in China launched an attack intended to steal files relating to the G20 summit held in Paris. The following October, two US satellites were discovered to have been hacked repeatedly, with evidence once again pointing at China.

Then, in November, the US Office of the National Counterintelligence Executive singled out China and Russia as the most aggressive “collectors” of American secrets. In return,China had claimed 75,000 cyber attacks it repelled in 2010 originated from US IP addresses.

It is important to note that the theoretical location of the IP address is by no means a guarantee that an attack was launched from a particular location. Hackers often use proxy servers to hide their identity, or take advantage of Tor’s anonymity network to cover their tracks.

Zhou said the CNCERT will deepen its cooperation with other countries in computer security. The agency has already established cooperative relations with 40 countries and 79 organisations. It has also urged Chinese companies and ISPs to invest more time, energy and money into developing online security systems.

How well do you know Internet security? Try our quiz and find out!