Chinese CNCERT report raises the alarm on attacks originated overseas

Pierluigi Paganini March 31, 2014

The last report issued by China’s Computer Emergency Response Team (CNCERT) blames US for the majority of malware based attacks against the Chinese systems.

There was once a dreaded China that violated the systems across the world and all the countries accused its cyber units to conduct aggressive and reckless hacking, today’s world politics discovered that US Intelligence has always adopted a similar strategy.

The last report issued by China’s Computer Emergency Response Team (CNCERT) revealed that the number of malware based attacks against the Chinese systems is jumped by more than 50 per cent over the past twelve months, and the US Government is considered responsible for a series of offensives conducted with the intent to gain a persistent access to the Chinese networks.

The report has been issued a few days after the Snowden‘s revelation on the hacking activities conducted by the NSA against the Chinese Giant Huawei with the aim of installing backdoor into its products to extend its large-scale surveillance.

As explained in the report published last year by the CNCERT, the document remarks that China is also victim of serious attacks run by foreign hackers, Chinese authorities are concerned regarding the pressure of the offensives originated from West, also in this case the majority of the incursions were traced back to the United States. The CERT also warned of the consequences of hacktivism, groups like Anonymous caused serious problem  for Chinese organizations. Anonymous blamed for nearly attacks on 600 against Chinese infrastructure, including one the People’s Bank of China.

Chinese CNCERT report

The results of the annual report are alarming for the Chinese Government, nearly 15,000 “hosts” were hacked by attackers that used “APT Trojan”, nearly 61,000 sites were infected with backdoor by foreign hackers in 2013. The number of  backdoor-based attack raised by 62 per cent in the same period.

“Local government websites are hacked “disaster area”, in 2013 our country has been tampered with and the backdoor government web sites, more than 90% below the provincial and municipal local government websites. Our government website frequently suffered hacker attacks organization, which “Anonymous” hacker group, such as the invasion of our country at least more than 600 sites. Following the central bank clearly does not endorse Bitcoin, the central bank official website and official Sina Weibo being hacked.”  states the translated version of the announcement made in 28th March at the National Internet Emergency Center ( CNCERT ) held in Beijing.

An overall amount of 10.9 million Chinese PCs was infected and controlled by foreign actors last year,  US hackers accounted for 30.2 per cent of these attacks, but very active resulted also South Korea, the country in fact with Hong Kong are mentioned as a persistent source of attacks.

The fact that an attack has been originated in the US is not meaningful for the attribution of responsibility, US infrastructures are continually targeted by hackers because represent privileged platforms to move the attacks due their reputation and reliability of the architectures.

The report has also warned of the rapid growth of cyber threats that target mobile platforms, the number of new malware family for Android is exploding, in 2013 703,000 new mobile malware samples (99.5 percent for Android platform) were detected, an increase of 330 respect 2012. Recently TrendMicro published an interesting study on the Chinese Mobile underground, describing products and services by cyber criminals to conduct illicit activities, this report is aligned with information provided by the CNCERT.

“Mobile application store, forums, download sites, dealers and other ecological system contamination upstream and downstream users infected faster.” states the CNCERT report.

The report shows an alarming scenario, Chinese authorities are concerned for their population that is exposed to serious a risk of hacking and data breaches,  the CNCERT reports, in fact, that the number of hardware and software vulnerabilities in the communication network equipment is increased of 1.5 times respect 2012.

Pierluigi Paganini

(Security Affairs –  CNCERT, China)



you might also like

leave a comment