China threatened by overseas hackers

Recently foreign media have been hyping up "cyber attack from China" and the talk of a "Chinese hacking threat" is in the air. But it turns out that China is actually the real victim of cyber attacks, Xinhua reported, citing statistics from the National Computer Network Emergency Response Coordination Center of China (CNCERT/CC).

The number of Internet users on the Chinese mainland keeps rising sharply, but Chinese users don’t take net safety protection as seriously as do most western users. Hence China has become the biggest victim of Internet hacking.

China suffers from three kinds of cyber attacks. One is from Trojans or Zombie viruses overseas. In 2012, according to CNCERT, 73,286 overseas IPs were involved in hacking China’s 14.19 million IPs, among which 10.5 million received attacks from US-based servers, 780,000 from South Korea and 778,000 from Germany.

The second means is to spread the malicious codes via domain names registered overseas. In 2012, among all the CNCERT-detected IPs in which attackers stored malicious programs, about 65.5 percent were found to be registered overseas, posing a serious security threat to Chinese web users.

The third way is attacking China’s Internet through domestic zombie computers compromised by overseas hackers. According to the report, the United States ranks top in the number of overseas hacking attackers, as up to 7,370 US-based IPs (about 22.9% of all attacking IPs) controlled 10,037 websites in China. There are also counterfeit websites. As monitored by the CNCERT, about 96.2% counterfeit websites had overseas server IPs, mostly from the United States and Hong Kong, where 18,320 and 2,804 counterfeit webpages were found in 2012.

Facing serious network attacks, the relevant departments of China's telecommunications industry achieved progress in cracking down on malicious programs and false IPs. In 2012, CNCERT, in association with relevant agencies and enterprises, launched campaigns against Trojan viruses and zombie networks on 14 occasions. A total of 2,463 IPs spreading Trojan viruses and botnets, as well as 1,227 malicious programs, based in China and abroad, were successfully dealt with, and more than 39.38 million IPs were freed from remote control. At the same time, China’s authorities organized a crackdown on mobile Internet malicious programs on six occasions, identifying 2,303 malicious programs.

In addition, some telecommunication operators have actively cracked down on fake IP addresses and reduced attacks like TCP SYN FLOOD and UDP FLOOD from 70% in 2011 to 48%, effectively limiting the momentum of attacks.