U.S.-China cyberwar a dud, though trouble still lingers

ITworld.com |  Security

What if they gave a cyberwar and nobody came? That seems to be the situation days after the end of what was described by some as a "cyberwar" staged by Chinese hackers against the U.S. in retaliation for the death of Chinese pilot Wang Wei in early April. Doubts linger in some Internet security experts' minds, however, whether this "cyberwar" was the week's real threat.

A Chinese hacker group, the Honker Union of China issued a statement to the Chinese portal Chinabytes earlier in the week declaring a truce and saying that they had reached their goal of hacked 1,000 U.S. sites, according to published reports, including a New York Times story.

But a truce was perhaps unnecessary, as nothing approaching a war ever materialized over the 10 days since the U.S. National Infrastructure Protection Center issued a warning saying that Chinese hackers would take April 30 to May 7 to attack U.S. Web sites to commemorate Wang Wei and celebrate May Day (May 1), Youth Day (May 4) and mark the anniversary of the U.S. bombing of the Chinese embassy in Belgrade, Yugoslavia.

Rather, the only traces of any conflict are a series of Web page defacements showing pictures of Wang Wei -- who died when his plane crashed into a U.S. spy plane -- and promising to fight "hegemony" and "unify the motherland" on one hand and a good deal of frequently vulgar anti-Chinese sentiment from U.S. hackers on the other. Both were complemented by a pile of press releases from eager computer security firms warning users of the danger from "this new form of terrorism" and offering up sources to reporters, as well as a flurry of news stories. Some security experts say that the real problem that cropped up over the last week was that more computers may be potentially vulnerable to being used in denial of service attacks due to the spread of so-called Internet worms.

Web pages defacements are a form of slightly sophisticated digital graffiti. Like graffiti, they involve a hacker leaving a message or an image on a Web site to show that they succeeded in cracking it. However, unlike graffiti, Web page defacement requires that a hacker break into a Web site, a bit harder than simply spraying paint on the side of a building. This sort of attack, however, is equivalent to "pouring paint on some ... person's building," said Alan Paller, director of security research at the SANS Institute.

Two high-profile incidents started the week of defacements when hackers defaced the Web sites for the U.S. Department of Labor and two sites controlled by the U.S. Department of Health and Human Services -- Health.gov and Surgeongeneral.gov -- with pro-China messages. In the days following those hacks, a number of other low-level U.S. government and military sites were hit, with similar postings left on them.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question