Chinese web security under attack

China itself is a sufferer of severe Internet hacking rather than the source of such attacks that Western media has portrayed them as being, said a Chinese Internet security center on Thursday. The New York Times and Wall Street Journal last week reported that their computer systems had been breached by China-based hackers, while China has been regularly characterized as a major origin of web threats in the United States. In fact, weak security awareness and wild hacking activities from overseas have made Chinese Internet users victims of cyber crime, the National Computer Network Emergency Response Coordination Center (CNCERT) said in a statement. China's Internet mainly suffers three kinds of attack, said the CNCERT, the country's primary computer security monitoring network. One of the attacks sees overseas hackers control computers in China via Trojan or Botnet. CNCERT statistics show that a total of 73,286 overseas IPs were involved in hijacking nearly 14.2 million mainframes in China in this form last year. Of the victim mainframes, 10.5 million, or 74 percent, were under control by servers in the United States. Hacker IPs from the Republic of Korea and Germany also respectively controlled nearly 785,000 and 778,000 mainframe IPs in China, according to the CNCERT. The second form of attack involves spreading malicious codes by domain names registered overseas. The CNCERT said it found that a monthly average of 65.5 percent of the malicious domain names were registered overseas in 2012. The third concerns attacks on websites in China from overseas. In the United States, 7,370 IPs controlled 10,037 websites in the Chinese mainland, making the United States the biggest attacker of China's Internet. Facing severe Internet hacking activities, communication industries in China have launched crackdowns on malware and fake source addresses. The CNCERT joined various institutions and companies in 2012 to conduct 14 campaigns sweeping Trojan and Botnet malware, destroying 2,463 overseas Internet-controlling terminals and 1,227 malware sources. It also carried out six campaigns to crack down on rogue mobile Internet programs, the CNCERT said. It added that some network operators have managed to reduce the rate of common "TCP SYN Flood" and "UDP Flood" attacks from 70 percent in 2011 to 49 percent in 2012.