癱瘓系統（Denial of Service）：利用許多電腦向某一電腦系統發出信息要求，阻擾或癱瘓這一系統的運作。
The mouse that roared
Sep 5th 2007 | NEW YORK
Is cyberwarfare a serious threat?
EPAA DECADE or so ago, thinkers and pundits were fond of discussing the emerging threat of cyber attacks as a matter of international affairs. The growing reliance of advanced economies on the internet, and the increasing use of the internet by governments and armies, seemed to offer vulnerability along with riches and convenience. The scare of the “Y2K bug” seemed to highlight the danger, at least until it became obvious that the bug was of no threat to anyone.
Now, despite preoccupation with more old-fashioned sorts of terrorism and war, is there, again, reason to fret about the cyber sort? Revelations this year that hackers successfully broke into Pentagon computers, followed by off-the-record confirmation by officials speaking to the Financial Times this week that the assailants were connected to China’s army, have brought the issue back to the fore. Reports suggest that the online intruders were probably engaged in espionage, downloading information. The ability to spy is threatening enough. But hackers may also discern vulnerabilities in computer systems and inflict damage. One fear is that hackers who peeked into the American government’s networks could possibly, one day, work out how to shut them down, at least for a time.
The Pentagon is presumably better able to protect itself against cyber attacks than most. Other targets have been shown to be more vulnerable. The potential impact of cyber-vandalism became obvious this year when Russian hackers unleashed the biggest-ever international cyber-assault on tiny Estonia, after the Baltic country caused offence by re-burying a Russian soldier from the second world war. “Denial of service” attacks, when huge numbers of visitors overwhelm public websites, crippled Estonian government computers. Some breathlessly called it the first direct Russian attack on a NATO member.
The Russian government claimed in that incident that the hackers were incensed ordinary Russians. But some experts said they saw Kremlin footprints. In the current Chinese case the script has been repeated; some at the Pentagon say they can pin the attacks on the People’s Liberation Army. Germany’s government has protested to China’s rulers, saying it too was once hacked by the PLA. Other governments, such as the British one, say that cyber-attacks are increasingly common problems. China, too, says it has been a victim of cyber-assault, and that it takes the issue seriously. In all likelihood—as with the more traditional spying of the cold war days—many countries are attempting some sort of cyber-attacks, while condemning others who do it.
Some of the more effective cyber snoops and vandals may not be government employees. Rather, as pirates would once loot on behalf of particular governments, a few of today’s more effective hackers may be freelancers acting perhaps with tacit official approval. But governments are also developing capability themselves. A Pentagon report this year on China’s military forces said baldly that the country was developing tactics to achieve “electromagnetic dominance” early in a conflict. It added that, while China had not developed a formal doctrine of electronic warfare, it had begun to consider offensive cyber-attacks within its operational exercises.
Cyber-attacks present an attractive option to America’s foes, as a form of guerrilla or asymmetrical warfare. In 2002 the Pentagon ran a war-game with the evocative title “Digital Pearl Harbour”. In it, simulated attacks showed only temporary and limited effect (for example shutting down some electricity supplies). But this week’s revelation may show that America has underestimated its Chinese rival.
The legal world has always been slow to keep up with technology, and the international law of cybercrime is no exception. The first international legal instrument on the subject was the Council of Europe’s Convention on Cybercrime. It requires members to pass appropriate laws against cybercrime—including unauthorised access and network disruption, as well as computer-aided traditional crimes like money-laundering and child pornography. It also mandates a certain level of law-enforcement to prevent laxer jurisdictions from becoming cybercrime havens. But its reach is limited. It came into force in 2004 among just six Council of Europe members; others have since joined, including America at the start of this year. No other non-member of the Council of Europe has joined. This means that the Chinese shenanigans, whatever they were, continue to exist in a legal netherworld.
China rejects US charge it hacked into the PentagonLast updated at 13:24pm on 4th September 2007
China has rejected a report that hackers controlled by its military had successfully entered a Pentagon network, calling the claim a product of "Cold War" thinking.
The Financial Times, citing former and serving US officials, said Chinese People's Liberation Army hackers broke into a US Defence Department network in June, taking data and prompting the shutdown of a system serving department secretary Robert Gates.
The report came a week after German Chancellor Angela Merkel raised similar claims that Chinese hackers had infected German government ministries with spying programmes.
China deflected the German reports, and now it has flatly rejected the US claims, as well as denying reports that Chinese-made weapons have been used by Taleban fighters in Afghanistan.
The Chinese government has consistently opposed and vigorously attacked according to the law all Internet-wrecking crimes, including hacking," Foreign Ministry spokeswoman Jiang Yu said.
"Some people are making wild accusations against China ... They are totally groundless and also reflect a Cold War mentality."
The Pentagon warned earlier this year that China's army is emphasising hacking as an offensive weapon. It cited Chinese military exercises in 2005 that included hacking "primarily in first strikes against enemy networks".
Beijing has devoted a large part of its rising defence budget to developing more advanced technology, including computer capabilities. But Jiang said her government was also the victim of computer attacks.
The Financial Times cited one source familiar with the event as saying there was a "very high level of confidence ... trending towards total certainty" that the army was behind it.
It said hackers from various locations in China had spent several months trying to tap into the system before breaching its cyber defences, forcing the Pentagon to shut down its network for more than a week.
US President George W. Bush is scheduled to meet Chinese President Hu Jintao in Sydney while the two leaders are there for the APEC regional summit.
The FT quoted a former US official as saying the PLA was now able to disrupt and even disable the Pentagon's computer system.
"The PLA has demonstrated the ability to conduct attacks that disable our system ... and the ability in a conflict situation to re-enter and disrupt on a very large scale," the former offical told the newspaper.
The Financial Times reported that the Pentagon was investigating what data had been taken, and a source told the paper that most of it was probably unclassified.
Spokeswoman Jiang also rejected a BBC report that Chinese-made weapons have been used by Taliban fighters in Afghanistan.
London has complained to Beijing that the weapons were used in Taliban attacks on British and US troops, the BBC reported, citing British officials.
"This accusation is groundless," Jiang said. "The Chinese government has always been prudent and responsible in its military exports."
China did not sell weapons to "non-state" entities, she said.
The Associated Press reported in July that the US State Department was trying to recover from large-scale network break-ins affecting operations worldwide. The hackers appeared to target the department headquarters and offices dealing with China and North Korea, it was reported.
However, experts have said that China is home to a large number of insecure computers and networks that hackers in other countries could use to disguise their locations and launch attacks.