'Cyber War' Escalates
The "cyber war" between U.S. and Chinese computer hackers escalated Thursday, with each side drawing armies of hackers from other countries to a virtual battlefield that has so far left hundreds of Chinese and American Web sites down or defaced.
Chinese hackers, who began their assault on U.S. Web sites Monday, have stated that they will step up their attacks Thursday and Friday in honor of Qingnian Jie (Youth Day), a Chinese national holiday.
"Tomorrow (Thursday) will be the big day," said Chinese hacker Jia En Zhu in a telephone interview with Agence France-Presse. "We are already inside the U.S. government's computers, and we can hurt them if we choose to. What we are doing is not a war, though — this is just the way hackers have fun."
So far, the attacks have largely been relatively harmless defacements of Web pages and have not involved viruses, malicious code, or denial-of-service attacks on servers.
But the planned escalation of the attacks and the spread of the cyber war to other nations had security experts on high alert Thursday.
Mike Assante of the Internet security firm Vigilinx said that government officials and security firms were diligently monitoring network activity in order to combat viruses and denial-of-service attacks.
Assante said data indicated that hackers from other nations were joining the war, but that hackers also typically disguised their locations.
According to a warning issued Tuesday by the FBI's National Infrastructure Protection Center, network scans and attempted exploitations of weaknesses in Unix networks "currently number in the millions," a huge increase in this type of activity, which the NIPC said remained "ongoing."
Marquis Grove of Security News Portal told Agence France-Presse that the current attempts to probe networks typically are the signs of an effort to launch large-scale distributed-denial-of-service attacks, which crash computer networks by flooding them with useless traffic.
Right now, pro-U.S. hackers are now being supported by hackers from Saudi Arabia, Pakistan, India, Brazil, Argentina, and Malaysia, while pro-China hackers are being backed by hackers in Korea, Indonesia and Japan, Grove said.
The cyber war began Monday when Chinese hackers, blaming the U.S. for the recent collision between a Chinese fighter jet and an American surveillance plane, launched a massive attack Monday against U.S. Web sites, including those of United Press International, the U.S. Department of Labor and the Navy's communication center.
By Tuesday, American hackers had organized a full-out counter-attack, calling their effort "Project China: Asia Domination," and targeting mostly Chinese government sites.
While both sides appeared to be targeting sites randomly, Jerry Reese, director of intelligence at Vigilinx, said the hackers were choosing sites based not on content or ownership as much as technology they could breach.
Chinese hackers claim that they have hit the U.S. House of Representatives with a successful denial of service attack, and also said that they have hacked into the networks of the U.S. Department of the Interior's National Business Center, the U.S. Geological Survey and Pacific Bell Internet Services.
UUNet, a major Internet service provider, the United Press International news agency and the White House Historical Association have all acknowledged that Chinese hackers have defaced their sites.
On the UPI's site, Chinese hackers replaced the site's home page with the image of a waving Chinese national flag and anti-American slogans scrawled in a mix of Chinese characters and English letters.
The copy that appeared in English read "The Great Chinese Nation Hooray! USA Will Be With Responsibility for the Accident Totally!!! Protest USA sell Weapon to Taiwan, Break The World Peace!!! USA IS BITCH! I am from China---Peak."
Peak is the moniker for one of the hackers.
The Xinhua News Agency reported that U.S. hackers have defaced the Web sites of the provincial governments of Yichun, Xiajun and Beijing, the Zinghua and Xinjiang Universities, and Samsung's and Daewoo Telecom's Korean sites.
In a mostly obscene message directed at the Chinese hackers, a Web site defaced by American hackers reads in part, "Get ready to meet a strike force with strength the world has never seen before! We are going for all out cyber warfare on your gov.cn boxes and every other box that you ... haven't secured! Hold onto your boots because many will fall to the wrath of the blood bath!"
American hackers said they are now waiting to see if pro-China hackers escalate their attacks.
"I want to see how they step up to the plate and fulfill their threats," said a hacker known as "pr0phet," who, according to a report at China.com, has defaced more Chinese web sites than any other individual. "If they do, I'll say this — it will get way ugly for their servers."
A more ominous element of the attacks is that hacking is a capital offense in China. Two hackers who broke into a Chinese bank computer network and stole $31,400 were sentenced to death in 1998. While security experts don't think the Chinese government is sponsoring the attacks, they believe Beijing would have to be condoning an effort this large and organized.
The threat that the harmless and easily repaired defacements could escalate into denial-of-service attacks and viruses is also very real. In February, 2000, a teenager using very simple denial-of-service tools managed to cripple the web sites of Yahoo. Chinese hackers have made sophisticated tools freely available on their Web sites.