China is claiming attacks on public and private organisations from outside of its borders have rocketed in the past year - from five million computers affected in 2010 to 8.9m in 2011. State-run newspaper China Daily reported the figures from (deep breath) the government’s National Computer Network Emergency Response Technical …
Only looked at my router logs this morning
Usual load of Chinese scans of usual ports ( all closed/stealthed)
One persistent sod scanning the same ports from the same IP for weeks now.
My only open port is for SSH and that's a very high number - so far no-one has ever scanned that.
The bamboo curtain...
So they've just revealed the fact they're also vulnerable, is this perhaps to take a little heat off the many reported claims from Europe, Asia and North America about hacks originating from China?
Like most Marxist despots the Chinese government isn't exactly forthcoming in releasing this type of info, but rest assured it does happen.
Perhaps this is a shift in openness or just China's way of claiming to be victims too?
Re: The bamboo curtain...
...sounds risky with the great fire wall.
It wuz him what dun it
"Most recently, a detailed report from US defence contractor Northrop Grumman revealed that the People’s Liberation Army is tooling up with advanced information warfare capabilities, and warned that academia and commercial technology firms are helping to provide it with significant R&D resources."
Please, we've been here a number of times before, every nation that can do this, does it.
"It would be naïve to think that the US, UK and other nations are snoozing while China-sponsored attackers target their data."
It would be naïve to think that 'the US, UK and other nations' aren't doing exactly the same to the Chinese or other nations deemed in some way 'hostile' (and to a few of our 'friends' to a lesser extent).
"The latest stats from the Chinese government may be slightly exaggerated but shouldn’t be dismissed out of hand"
While few would take everything in there as gospel I'd suggest that only an idiot would dismiss them out of hand, not that there probably aren't a fair few of those. Surely anyone with even an inkling of international politics and/or cyber crime trends knows there's more than a germ of truth in much of the report.
Re: It wuz him what dun it
Everybody probably spies as much on their "friends" as on their enemies. You usually know where your enemies stand. Friendship, in the context of nation states, tends to be subordinated to national interest. Anyone who played the old board game "Diplomacy" knows that off by heart! It's also easier, "friendly" spies (this obviously doesn't apply to virtual espionage) usually get sent packing with a protest attached, rather than locked up, tortured or executed.
Re: It wuz him what dun it
Strike "probably" and add "definitely". Is it not better to know what your friends are up to if they're not entirely trustworthy? And absolutely no National Government Ive ever heard of is trustworthy. Especially not nations that consider themselves Number 1 and Number 2.
Agreed Sandman, you need only look at CIA, MI5, Mossad agents being caught in each others countries as well as their rival nations, with Iran, Pakistan, Egypt, Palestine etcetera always finding each others agents in their backyards too.
How sad in 2012 we can still draw pretty accurate "battlelines" among countries.
Talk about overcomplicating
Why would the CIA, MI5, Mossad be involved in hacking websites, when there are approximately 20 million script kiddiez out there who are positively eager to spend their time doing it for free?
All you need to do is allow a few thousand Chinese-speaking students into your country, and make sure no-one's enforcing a strict bedtime on them. Next thing you know, thousands of Chinese servers will be hacked, websites defaced and data stolen. You don't need to do a thing - unless you have a specific target in mind, in which case you might have to buy them a few drinks.
No, you will find few people who care.
What go's around comes around.
Apostrophe abuse coming around
You shall feel the wrath of the brotherhood of apostrophes in that case.
Light-Trapping Singularity Calling the Kettle Black?
I'm sorry. But I can't be the only one looking at that headline and thinking: "well, you started it, mate."
Re: Light-Trapping Singularity Calling the Kettle Black?
If you really are so naive as to think "you started it mate", I've got a bridge you might be interested in buying.
Considering that any complaints of hacking etc are never entertained by China I think other nations should ignore complaints from China on hacking problems.
Every day, I see endless logs of Chinese IP addresses attempting to penetrate our networks, many of them are the same ones constantly hitting ports most of the day.
Different now the shoe's on the other foot eh!
Not much fun to be on the receiving end of the stick, is it?
Ninks & Chips
"...Surprisingly, Japan is alleged to be the source of most attacks on China..."
Why surprising? Those two have hated each other for centuries.
It would appear the Chinese talent for copying rather than creating has been extended to the 'cyberwarfare victim' arena.
I might have sympathy if it wasn't for the fact that my blog is written in PHP. I wrote it myself, but that hasn't stopped remote systems looking for myAdmin and all sorts of other "notorious back doors". I'm learning quite a bit about Chinese geography looking up the IP addresses to a rough location - three more this morning, Sechuan (sp?) province...
location of launch != location of attacker
Only idiots would leave themselves open to an easy trace. Conspiracy theorists will obviously conclude that it's X stirring up trouble between Y and Z. Substitute your preference of countries or (we're talking the *crazy* conspiracy theorists here) alien species.
For the record, my honeypot statistics for Feb show most of my attacks are local: http://articles.yuikee.com.hk/newsletter/2012/02/b.html
And heyrick, I don't use PHP at all, but my weblogs show plenty of requests for .php pages. It's the shotgun approach.
I stopped logging incoming packets a long time ago - I just drop them all unless it's a port I need. I really see no point in day to day inspection of the contents of the sewer.
As far as the Chinese attack numbers go - I doubt that they are any different from other governmental organizations and are probably missing a whole bunch of attacks - if anything their numbers look low to me.
And the winner is..
A network block in the Fujian province with attempted connections double what the #2 (Baidu) and #3 (A Korean network) are attempting.
Some of it might be legitimate, but really I don't care because the vast majority of the traffic from China to the stuff I look after isn't so its easier to drop it.
- iSPY: Apple Stores switch on iBeacon phone sniff spy system
- Chinese gamer plays on while BMW burns to the ground
- It's true, the START MENU is coming BACK to Windows 8, hiss sources
- Pic NASA Mars tank Curiosity rolls on old WET PATCH, sighs, sniffs for life signs
- How UK air traffic control system was caught asleep on the job