Beijing (China Daily/ANN) - Online attacks on Chinese networks, originating from IP addresses and servers in other countries and regions, have grown sharply this year, according to a government specialist who warns that Internet security faces increasing threats.
About 7.8 million computers were affected in 27,900 attacks, originating in other countries and regions, between January and June, according to the National Computer Network Emergency Response Technical Team.
The United States hosted many of the overseas command and control servers used in the attacks (24.2 per cent), followed by Japan (17.2 per cent) and South Korea (11.4 per cent), the team reported.
"Online attacks against our country are coming from outside our borders and the situation is growing more serious," said Zhou Yonglin, the team's administration and operation director, in an exclusive interview.
The number of computers affected so far this year almost equals the number caused by 47,000 attacks in 2011.
Hackers use IP addresses and servers overseas to infect networks with Trojan viruses and create Botnets, collections of compromised devices, Zhou said.
Authorities went on red alert in April when Anonymous, an international group of "hacktivists", said it planned to destroy 46 websites run by enterprises, including five in China.
That same month, hackers from the Philippines defaced several Chinese websites and left insulting messages amid a dispute between Beijing and Manila over Huangyan Island.
Team GhostShell, another hacktivist group, also threatened in June to infiltrate government, education and medical websites in China.
Although there is a threat from abroad, Zhou added that "it is possible that someone in China could control an IP address or server overseas to launch an online attack on Chinese websites and computers".
An emergency response team, a department under the Ministry of Industry and Information Technology, has been monitoring the Internet since 1999.
Zhou said that some attacks are obvious, such as when a hacker "defaces" a Web page either to express an opinion or simply because they can.
"Many Chinese websites lack the capability to repel attacks which is why they are often broken into and tampered with," he said.
Other attacks are aimed at spreading sophisticated malware codes that infect computers and install a "back door", he said.
"This allows a criminal to steal private information, infiltrate inner networks or use the malware as a proxy to attack other computers," the director said. "Back-door software is the most dangerous threat to online security as such attacks are hard to identify by webmasters and users."
According to the team's report, 12,950 overseas IP addresses controlled 15,638 Chinese websites using back-door software between January and June this year.
A criminal can install malware on an online store or forum to monitor operations and transactions, and steal user accounts or passwords, Zhou said. This information can then be used in future fraud.
Some people also create fake versions of popular websites to dupe netizens into handing over money or private details.
"This is called phishing ... and is often targeted at online shopping platforms, such as Taobao [China's largest Internet marketplace], as well as banks and even popular TV shows," Zhou said.
Fraudsters recently scammed people using a fake homepage for Xingguang Dadao, a talent show on China Central Television, that asked for bank account numbers and passwords.
"We deal with several cases like this every month," Zhou said, adding that, between June to August his team handled more than 100 cases involving students and their parents being swindled by fake college-registration websites.
Despite having the world's largest number of Web users, people on the Chinese mainland are relatively unaware about online security.
According to the China Internet Network Information Centre, almost 80 million of the country's 538 million netizens are primary, middle or high school students.
Ji Yuchun, also with the team's administration and operation department, said technical countermeasures currently used to protect users are unable to cope with the emerging challenges.
"We can't ignore the fact that some people hack websites for fun, but many do intend to connect and form organisations to commit attacks together for larger interests," she said.
"Also, attacks are becoming more sophisticated. Hacker industry chains have been established across the world."
Both Zhou and Ji expressed concern over the new Flame virus, which has been used to target the Middle East and, according to media reports, was developed for political purposes.
During the first half of the year, the team has handled 2,440 cases that involved working with overseas partners and are establishing links with foreign agencies.
The authority has already met twice with the East West Institute, an international think tank with headquarters in the US, to discuss how to tackle the online threat, Zhou said.
"International cooperation is essential to halt attacks and enhance security for everyone on the Internet," he said.
As well as efforts by government and official agencies, residents and online operators must be cautious when using the Internet or publishing information online, Ji said.
The team has also called for more specific rules to regulate the Internet and protect online security.
