2009年4月29日星期三

Hackers: the China Syndrome



For years, the U.S. intelligence community worried that China’s government was attacking our cyber-infrastructure. Now one man has discovered it’s worse: It’s hundreds of thousands of everyday civilians. And they’ve only just begun


At 8 a.m. on May 4, 2001, anyone trying to access the White House Web site got an error message. By noon, whitehouse.gov was down entirely, the victim of a so-called distributed denial-of-service (DDoS) attack. Somewhere in the world, hackers were pinging White House servers with thousands of page requests per second, clogging the site. Also attacked were sites for the U.S. Navy and various other federal departments.
A series of defacements left little doubt about where the attack originated. "Beat down Imperialism of American [sic]! Attack anti-Chinese arrogance!" read the Interior Department's National Business Center site. "CHINA HACK!" proclaimed the Department of Labor home page. "I AM CHINESE," declared a U.S. Navy page. By then, hackers from Saudi Arabia, Argentina and India had joined in. The military escalated its Infocon threat level from normal to alpha, indicating risk of crippling cyber-attack. Over the next few weeks, the White House site went down twice more. By the time the offensive was over, Chinese hackers had felled 1,000 American sites.
The cyber-conflict grew out of real-world tensions. A month earlier, a U.S. EP-3 reconnaissance aircraft flying off the southern coast of China had collided with a Chinese F-8 fighter jet. The American pilot landed safely, but the Chinese pilot was killed. China's hackers lashed out. It wasn't the first foreign attack on American sites, but it was the biggest -- "the First World Hacker War," as the New York Times dubbed it.
The Chinese attacks were poorly coordinated, and it's tempting to dismiss them as harmless online vandalism. But subsequent attacks have become more serious. In the past two years, Chinese hackers have intercepted critical NASA files, breached the computer system in a sensitive Commerce Department bureau, and launched assaults on the Save Darfur Coalition, pro-Tibet groups and CNN. And those are just the attacks that have been publicly acknowledged. Were these initiated by the Chinese government? Who is doing this?

Early clues came through the boasts of a single Chinese hacker. On May 20, 2003, a man named Peng Yinan, then known only by the moniker coolswallow, logged into a public Shanghai Jiaotong University student forum and described how he formed a group at the university's Information Security Engineering School that coordinated with other hackers to bring down whitehouse.gov in 2001. "Javaphile was established by coolswallow (that's me)" and a partner, he wrote in Chinese. "At first we weren't a hacker organization. After the 2001 China-U.S. plane collision incident, Chinese hackers declared an anti-American Battle . . . and coolswallow joined in the DDoS White House attacks." Later, he bragged, his group defaced other sites it considered anti-Chinese, including that of the Taiwanese Internet company Lite-On.
Peng left two e-mail addresses, his chat information and the screen names of four other hackers. He soon expanded his online profile with a blog, photos, and papers describing his hacking openly. But his boasts went unnoticed until 2005, when a linguist in Kansas typed the right words into Google, found Peng, and pulled back the curtain on a growing danger.


没有评论:

发表评论