中国称,遭迄今最大网络黑客攻击
北京
据法新社报道,中国有关机构称,
中国遭到迄今最大规模的黑客攻击。中国互联网络信息中心周二(
8月27日)通报说,上周日发生的大规模黑客攻击,
导致中国国内多个网络服务器瘫痪2小时,黑客使用的是俗称的“
DDoS”攻击,通过同时发送数量庞大的“请求包”
致服务器瘫痪。攻击对象是所有同“.cn”域名有关的网址。
中国互联网络信息中心通报说,在首次攻击发生两小时后,
又出现后续攻击。该机构没有说明谁要对攻击行为负责。
美国政府曾多次指控北京要对美国受到的网络黑客行为负责。
中国予以否认,并强调,中国自己是网络黑客行为的受害者。
2007.9.6
BBC
無形的軍事競賽
《衛報》說,中國黑客入侵西方軍事電腦的指稱,令人關注到將來的全球衝突可能在網絡空間發生。
人們預計未來將發生大規模的信息戰爭
|
報道說,現在的網絡軍火庫包括:
惡毒軟件(Malware):使用間諜軟件,窺探敵人秘密。
機器人電腦(Bots):利用病毒感染敵人電腦後,再利用這台電腦發動攻擊。
喪屍電腦(Zombies):不動聲色地入侵敵人的電腦後,更改裡面的程式,然後操控這台電腦進行攻擊。
癱瘓系統(Denial of Service):利用許多電腦向某一電腦系統發出信息要求,阻擾或癱瘓這一系統的運作。
報道說,網際網絡系統戰近年來不斷增加,包括1999年加拿大與法國發生邊界爭議時,加拿大入侵法國的通信系統。
2000年美國聯邦調查局入侵莫斯科的國家安全局電腦系統,原因是俄羅斯情報機構的黑客偷竊美國的商業情報,聯邦調查局入侵他們在莫斯科的電腦,進行調查。
2000年,美國五角大樓攻擊俄羅斯國安部門,然後再入侵克里姆林宮的電腦系統。
來自廣東省的中國黑客先後在2004和2007年分別入侵美國陸軍信息系統和國防部長辦公室的電腦系統。
另外,中國的黑客也在2007年入侵了英國和德國政府部門的電腦系統。
Cyberwarfare
The mouse that roared
Sep 5th 2007 | NEW YORK
From Economist.com
Is cyberwarfare a serious threat?
EPA
A DECADE or so ago, thinkers and pundits were fond of discussing the emerging threat of cyber attacks as a matter of international affairs. The growing reliance of advanced economies on the internet, and the increasing use of the internet by governments and armies, seemed to offer vulnerability along with riches and convenience. The scare of the “Y2K bug” seemed to highlight the danger, at least until it became obvious that the bug was of no threat to anyone.
Now, despite preoccupation with more old-fashioned sorts of terrorism and war, is there, again, reason to fret about the cyber sort? Revelations this year that hackers successfully broke into Pentagon computers, followed by off-the-record confirmation by officials speaking to the
Financial Times this week that the assailants were connected to China’s army, have brought the issue back to the fore. Reports suggest that the online intruders were probably engaged in espionage, downloading information. The ability to spy is threatening enough. But hackers may also discern vulnerabilities in computer systems and inflict damage. One fear is that hackers who peeked into the American government’s networks could possibly, one day, work out how to shut them down, at least for a time.
The Pentagon is presumably better able to protect itself against cyber attacks than most. Other targets have been shown to be more vulnerable. The potential impact of cyber-vandalism became obvious this year when Russian hackers unleashed the biggest-ever international cyber-assault on tiny Estonia, after the Baltic country caused offence by re-burying a Russian soldier from the second world war. “Denial of service” attacks, when huge numbers of visitors overwhelm public websites, crippled Estonian government computers. Some breathlessly called it the first direct Russian attack on a NATO member.
The Russian government claimed in that incident that the hackers were incensed ordinary Russians. But some experts said they saw Kremlin footprints. In the current Chinese case the script has been repeated; some at the Pentagon say they can pin the attacks on the People’s Liberation Army. Germany’s government has protested to China’s rulers, saying it too was once hacked by the PLA. Other governments, such as the British one, say that cyber-attacks are increasingly common problems. China, too, says it has been a victim of cyber-assault, and that it takes the issue seriously. In all likelihood—as with the more traditional spying of the cold war days—many countries are attempting some sort of cyber-attacks, while condemning others who do it.
Some of the more effective cyber snoops and vandals may not be government employees. Rather, as pirates would once loot on behalf of particular governments, a few of today’s more effective hackers may be freelancers acting perhaps with tacit official approval. But governments are also developing capability themselves. A Pentagon report this year on China’s military forces said baldly that the country was developing tactics to achieve “electromagnetic dominance” early in a conflict. It added that, while China had not developed a formal doctrine of electronic warfare, it had begun to consider offensive cyber-attacks within its operational exercises.
Cyber-attacks present an attractive option to America’s foes, as a form of guerrilla or asymmetrical warfare. In 2002 the Pentagon ran a war-game with the evocative title “Digital Pearl Harbour”. In it, simulated attacks showed only temporary and limited effect (for example shutting down some electricity supplies). But this week’s revelation may show that America has underestimated its Chinese rival.
The legal world has always been slow to keep up with technology, and the international law of cybercrime is no exception. The first international legal instrument on the subject was the Council of Europe’s Convention on Cybercrime. It requires members to pass appropriate laws against cybercrime—including unauthorised access and network disruption, as well as computer-aided traditional crimes like money-laundering and child pornography. It also mandates a certain level of law-enforcement to prevent laxer jurisdictions from becoming cybercrime havens. But its reach is limited. It came into force in 2004 among just six Council of Europe members; others have since joined, including America at the start of this year. No other non-member of the Council of Europe has joined. This means that the Chinese shenanigans, whatever they were, continue to exist in a legal netherworld.
China rejects US charge it hacked into the Pentagon
Last updated at 13:24pm on 4th September 2007
China has rejected a report that hackers controlled by its military had successfully entered a Pentagon network, calling the claim a product of "Cold War" thinking.
The Financial Times, citing former and serving US officials, said Chinese People's Liberation Army hackers broke into a US Defence Department network in June, taking data and prompting the shutdown of a system serving department secretary Robert Gates.
The report came a week after German Chancellor Angela Merkel raised similar claims that Chinese hackers had infected German government ministries with spying programmes.
China deflected the German reports, and now it has flatly rejected the US claims, as well as denying reports that Chinese-made weapons have been used by Taleban fighters in Afghanistan.
The Chinese government has consistently opposed and vigorously attacked according to the law all Internet-wrecking crimes, including hacking," Foreign Ministry spokeswoman Jiang Yu said.
"Some people are making wild accusations against China ... They are totally groundless and also reflect a Cold War mentality."
The Pentagon warned earlier this year that China's army is emphasising hacking as an offensive weapon. It cited Chinese military exercises in 2005 that included hacking "primarily in first strikes against enemy networks".
Beijing has devoted a large part of its rising defence budget to developing more advanced technology, including computer capabilities. But Jiang said her government was also the victim of computer attacks.
The Financial Times cited one source familiar with the event as saying there was a "very high level of confidence ... trending towards total certainty" that the army was behind it.
It said hackers from various locations in China had spent several months trying to tap into the system before breaching its cyber defences, forcing the Pentagon to shut down its network for more than a week.
US President George W. Bush is scheduled to meet Chinese President Hu Jintao in Sydney while the two leaders are there for the APEC regional summit.
The FT quoted a former US official as saying the PLA was now able to disrupt and even disable the Pentagon's computer system.
"The PLA has demonstrated the ability to conduct attacks that disable our system ... and the ability in a conflict situation to re-enter and disrupt on a very large scale," the former offical told the newspaper.
The Financial Times reported that the Pentagon was investigating what data had been taken, and a source told the paper that most of it was probably unclassified.
Spokeswoman Jiang also rejected a BBC report that Chinese-made weapons have been used by Taliban fighters in Afghanistan.
London has complained to Beijing that the weapons were used in Taliban attacks on British and US troops, the BBC reported, citing British officials.
"This accusation is groundless," Jiang said. "The Chinese government has always been prudent and responsible in its military exports."
China did not sell weapons to "non-state" entities, she said.
The Associated Press reported in July that the US State Department was trying to recover from large-scale network break-ins affecting operations worldwide. The hackers appeared to target the department headquarters and offices dealing with China and North Korea, it was reported.
However, experts have said that China is home to a large number of insecure computers and networks that hackers in other countries could use to disguise their locations and launch attacks.