Chinese Hack U.S. Websites

Date : April 30, 2001
By : KELLY HEARN UPI Technology Writer

WASHINGTON, DC, April 30 (UPI) — Computer activists believed to be in China continued to deface U.S. websites Monday in what appears to be a highly coordinated campaign organized by ordinary citizens but tolerated by authorities in Beijing.

While it is difficult to conclusively pinpoint the origin of computer attacks, activity over the past week on Chinese Internet traffic, newsgroups and hacker websites suggest that Chinese programmers and amateurs are responsible, experts told United Press International.

“They are calling it several names including `The Sixth Network War of National Defense,’ or `the 51 war,’ meaning May first,” said Jerry Freese, director of intelligence for Vigilinx, a digital security firm that claims to monitor over 7,000 websites for security breaches.

“What’s surprising is the level of organization we’re seeing. This is not just a casual attack done on a whim. We believe that the government is tolerating this action,” Freese said.

One former justice department official said that jurisdictional obstacles make it impossible for U.S. authorities to prosecute those responsible, and that asking the Chinese government to help would not only be pointless if they are indeed behind the attacks, but also could help China justify stifling the use of the Internet by political dissidents.

Freese said that while all attacks might not be reported, as of 4 o’clock EST 13 government sites, two state government sites, 8 commercial and 2 educational sites had been hit.

The Website of United Press International was among them. At approximately 3:30 a.m., hackers uploaded to UPI’s homepage a Chinese national flag and several lines of copy in Chinese characters and English letters.

The English portion of the message read: “The Great Chinese Nation Hooray!!!! USA Will Be With Responsibility for the Accident Totally!!! Protest USA sell Weapon to Taiwan, Break The World Peace!!! USA IS BITCH! I am From China — Peak.”

The Chinese portion read: “The U.S. should take full responsibility for the collision. Protest against Americans selling arms to Taiwan which undermines world peace.”

While none of the attacks were crippling, the Department of Defense has put all network administrators across the military on heightened alert until May 8.

Security experts said they are watching for any escalation into more severe attacks such as massive spamming, distributed denial of service attacks or network intrusions.

Freese said that prior to the attack, Chinese chat rooms were full of talk about the impending campaign. One Chinese website posted a hacking instruction manual, he said, and in one case hackers even self-policed, imploring fellow activists to limit the severity of their incursions.

“One site we monitor, Chinabyte.com, called the hackers `the embodiment of the Internet spirit,’ and claimed that those responsible are programming experts not amateurs,” said another Vigilinx official.

Last week, the National Infrastructure Protection Center, the FBI’s cyber crime division, posted on its Website a warning of the impending attack: “Chinese hackers have publicly discussed increasing their activity during this period, which coincides with dates of historic significance in the PRC: May 1 is May Day; May 4 is Youth Day; and, May 7 is the anniversary of the accidental bombing of the Chinese Embassy in Belgrade.”

A group calling itself the Hacker Union of China has claimed responsibility for many of the attacks on its Website cnhonker.com and said it will continue until May 7.

“Right now the Chinese government has more than enough tools to censor the Internet and monitor it, including police in Internet cafes trying to suppress any open dissent,” said Mike Jendrzejczyk of Human Rights Watch in Washington. “The government will continue to censor messages it finds threatening and will open floodgates to the messages they support, as happened after the NATO bombing.”

“The Chinese government works hard to control the Internet, including knowing who is registered and what they are doing,” said Col. Marc Enger, a retired Air Force intelligence officer. “If they were interested in finding out who is responsible they could. But they have no interest because it is governmentally-inspired.”

Mark Rasch, a former Justice Department official who played a key role in capturing super-hacker Kevin Mitnick, said the Chinese government is not directly sponsoring the attack or it would not be so blatant. “But the government could do a lot to prevent it by clamping down on Web traffic and they are not,” he said.

Rasch said a nest of jurisdictional and practical obstacles makes it nearly impossible to prosecute those responsible. Furthermore, he said, asking the Chinese government to clamp down on Internet-based criminal activism could have the unintended consequences of further stifling the Internet as a tool for Chinese political dissent.

Experts noted that American hackers vandalized several Chinese Web sites during the spy plane incident. But the restraint shown by Chinese protestors until this weekend further underscores the belief that the campaign was highly organized.

“I do think Chinese government will be very cautious about encouraging hacking into U.S. sites,” said Roderick MacFarquhar, a professor at Harvard University in Cambridge, Mass. “First, they know that Americans will put enormous effort into developing defenses for sites which in turn means that in a time of real crisis it would be difficult for the Chinese government to hack into them, which is something they have openly talked about. They also fear superior American technology would allow Americans to cripple Chinese sites much more easily.”

Copyright ﾩ United Press International (UPI)