Internet subject to overseas attacks

China is a victim of harsh and frequent Internet hacking rather than the source of such attacks as the Western media is fond of portraying, said a Chinese Internet security center.

The New York Times and Wall Street Journal earlier this year had reported that their computer systems were breached by China-based hackers, and China has been regularly characterized as a major origin of web threats in the United States.

In fact, relatively low security awareness and fierce hacking from overseas have made Chinese Internet users victims of cyber crime, the National Computer Network Emergency Response Coordination Center, also known as CNCERT, said in a statement on Thursday.

China mainly suffers three kinds of attack, the country's primary computer security monitoring network said.

The first is when overseas hackers control computers in China via viruses such as Trojan or Botnet. CNCERT statistics show that a total of 73,286 overseas IPs were involved in hijacking nearly 14.2 million mainframes in China this way. Of the mainframe victims, 10.5 million, or 74 percent, were under control by servers in the United States.

Hacker IPs from the Republic of Korea and Germany also respectively controlled nearly 785,000 and 778,000 mainframe IPs in China, according to the CNCERT.

The second form of attack involves spreading malicious codes by domain names registered overseas. The CNCERT said it found a monthly average of 65.5 percent of the malicious domain names were registered overseas in 2012.

The third are attacks on websites in China from overseas. In the United States, 7,370 IPs controlled 10,037 websites in the Chinese mainland, making the United States the biggest aggressor in cyber attacks in China.

In the face of such severe Internet hacking activities, communication industries in China have launched crackdowns on malware and fake source addresses.

CNCERT joined various institutions and companies in 2012 to conduct 14 campaigns eradicating Trojan and Botnet malware, destroying 2,463 overseas Internet-controlling terminals and 1,227 malware sources.

It also carried out six campaigns to crack down rogue mobile Internet programs, CNCERT said. It added that some network operators have managed to reduce the rate of common "TCP SYN Flood" and "UDP Flood" attacks from 70 percent in 2011 to 49 percent in 2012.

(China Daily 02/13/2013 page2)