Chinese tech team promotes fight with hackers
Updated: 2013-03-20 07:14
By Cao Yin (China Daily)
Greater international cooperation to thwart cyberattacks, boost online security and end groundless accusations were some of the recommendations of a key report on Internet security.
Online attacks originating from IP addresses and servers in other countries and regions have grown sharply, said a report by the National Computer Network Emergency Response Technical Team published on Tuesday.
The government is working with 91 foreign organizations, covering 51 countries, and has signed 12 international agreements on cyberprotection, one of the report's authors said.
The team is part of a regional network sharing information and issuing alerts to combat cybersecurity threats among Asian countries.
The team also cracked down on a botnet, a collection of Internet connected programs generating spam or malicious software, called Nitol under a cooperative arrangement with Microsoft in 2012.
The report says the team handled 4,063 online threats within the country last year.
Cyberattacks from servers overseas are the key task for the Internet security watchdog, said Zhou Yonglin, the team's administration and operation director and a leading specialist on Internet security.
In 2012, Zhou's team tackled 961 cross-border online attacks in cooperation with overseas organizations, a 69.2 percent increase on the figure for 2011, the report said.
"Enhancing international cooperation to fight hackers is crucial, as no single country can do it alone and online security is a global issue," Zhou said.
Almost 15 million computers were affected in 73,000 attacks originating from servers in foreign countries or regions last year.
The US hosted the most overseas command and control servers used in these attacks (17.6 percent), followed by Japan (9.6 percent), the report said.
"We've made efforts to set up cooperation with more countries, especially the US, but there are difficulties," Zhou said. "Some had no equivalent team, while some didn't pay much attention to the issue."
In 2012, the team received a complaint from US-CERT, the US equivalent of the Chinese team, saying a few computers in China affected its websites, according to Zhou.
"We tackled 75 IP addresses based in our country as requested by the US, but when we showed online attacks originating from the US, they didn't reply or pay any attention," he added.
Yang Shuo, a specialist with 10 years of experience in cybersecurity, echoed Zhou, saying international cooperation is a better way to handle online attacks, but international agreements are not easy to reach.
"Cooperation is a comprehensive and complicated problem," said Yang, who works for HollySys, a leading provider of automation and control technologies and applications. "It involves many elements, such as politics, technology and law."
A few countries have shown a willingness to cooperate, but with different legal systems, any agreement will face challenges, he said. "Cooperation can mean a major financial investment, and not every country can afford it."
Yang added that it is more important to boost awareness of potential threats to Chinese Internet users and suggested small websites immediately install software to prevent online attacks.
Shi Xiaohong, vice-president of Qihu360, a major Internet company providing security software, said they have provided security features to about 50,000 small Chinese websites.
"Thwarting online attacks costs a lot of money and needs professional technical expertise, which small companies cannot afford. We help them ward off hackers, either domestically of from overseas," he said.
"The more security holes we fill, the less attacks we will face from the outside," he added.
(China Daily 03/20/2013 page1)