Warning Issued About China Hackers

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

APRIL 26, 21:20 EST

Warning Issued About China Hackers

By D. IAN HOPPER Associated Press Writer

WASHINGTON (AP) — Federal authorities and security companies are warning American businesses to protect themselves next week during a planned ``Labor Day Strike'' from Chinese hackers upset over the recent spy plane incident.

The National Infrastructure Protection Center, the FBI's cybercrime arm, said Thursday that ``Chinese hackers have publicly discussed increasing their activity'' from April 30 to May 7. Those days coincide with two major Chinese holidays, International Workers Day and Youth Day.

May 7 also is the two-year anniversary of the bombing of China's embassy in Belgrade, Yugoslavia.

American hackers have vandalized scores of Chinese Web sites, frequently adding obscene or racist anti-China screeds. Next week's attack would be in retaliation, according to U.S. security firms.

A smattering of American sites have already been attacked by hackers claiming to be from China. They have left messages such as ``hack the USA'' and ``For our pilot Wang!!! For our China!,'' according to security company Vigilinx. Wang Wei is the name of the Chinese pilot who died after crashing into an American spy plane.

Antivirus company Symantec Corp. also is warning its clients about attacks from China, and several network administrators have reported on security e-mail lists about increased prodding of their networks originating from China.

There is no evidence that the attacks are sanctioned or organized by the Chinese government.

About 65 Chinese Web sites have been vandalized by American hackers since the U.S. reconnaissance plane crash-landed in China, according to Web site Attrition.org, which monitors Web site defacements.

While Web defacements are usually little more than harassment — the only U.S. government site believed to be attacked recently by a Chinese hacker was an obscure Navy site — Vigilinx officials warn that more serious attacks could occur.

``It has the potential to escalate into something very damaging if emotions run unchecked,'' said Vigilinx chief executive Bruce Murphy.

http://wire.ap.org/?SLUG=CHINA%2dHACKING

-- Martin Thompson (mthom1927@aol.com), April 26, 2001

Answers

Hacker Alert — The U.S. military is bracing for a rash of computer attacks from hackers in China next week, Pentagon sources told ABCNEWS.

The Chinese hackers are responding to attacks on Chinese sites by American hackers, including a group that calls itself PoizonBOx, military officials said. Intelligence sources said they expect the attacks to start May 1. For weeks, hacker chat rooms have been full of talk by Chinese and American hackers about continuing their attacks. The Pentagon is worried it may be caught in the middle.

The possible Chinese computer attack would be timed to mark a low point of U.S.-China relations, 1999's accidental U.S. bombing of the Chinese embassy in Belgrade. And it would come weeks after the flap over a U.S. surveillance plane was forced to land on an island in the South China Sea.

Since the standoff over the plane and the Chinese detainment of the 24 U.S. crew members, American and Chinese hackers have threatened each other in Internet chat rooms. American hackers have been urging each other to attack Chinese Web sites, and the American group PoizonBOx has reportedly defaced more than 100 Chinese sites.

On Alpha Alert

The Pentagon is preparing for denial-of-service attacks against unclassified ".mil" sites, the domain reserved for the U.S. military. Plus, military officials said they expect attacks could target the ".gov" sites of the U.S. government.

In a denial-of-service attack, hackers try to overwhelm a system's Web servers by sending floods of requests.

To prepare, the U.S. Pacific Command has raised its information- systems threat condition — known as INFOCON — to Alpha from normal, requiring close monitoring of its Web sites, according to a Defense Department source.

Military officials expect to raise the threat level to Bravo or Charlie by the middle of next week, the source said. Bravo calls for starting to limit access to military sites, and Charlie requires pulling systems offline. Delta, the highest threat level, calls for a system shutdown.

The Pentagon would take action against a denial-of-service attack by blocking access to the targeted sites or pulling certain systems offline. Officials are also monitoring unfamiliar e-mail attachments, which might contain computer viruses.

The Pacific Command, based in Hawaii, declined to comment specifically on the matter, but a spokeswoman told ABCNEWS: "We are dedicating additional assets to monitor and track suspicious activity related to our computer and communications systems."

Concern of Government Involvement

Pentagon officials said they believed Chinese hackers chose the first week in May because of two important dates: a Chinese holiday on May 4 during which many people would be home and on their personal computers; and May 7, the anniversary of the embassy bombing.

Military sources told ABCNEWS that, although they expect the hack attacks will be done by civilians, there is some concern that the Chinese government could be backing the efforts.

During the standoff over the spy plane in early April, the Pacific Command was targeted by Chinese hackers. A huge denial-of-service attack from China shut down the Pacific Command's unclassified computer network for 12 hours, according to a high-ranking Pentagon official.

http://my.abcnews.go.com/PRINTERFRIENDLY? PAGE=http://abcsource.starwave.com/sections/world/DailyNews/chinahacke rs_010426.html

-- Martin Thompson (mthom1927@aol.com), April 27, 2001.


Moderation questions? read the FAQ