China Blames Web Attacks on US IP Addresses

Written by

The number of reported phishing sites in China doubled last year, with US IP addresses blamed for “booming” numbers of attacks on systems inside the Great Firewall, according to new state-backed research.

The report was released on Friday by the Internet Society of China and the National Computer Network Emergency Response Technical Team/Coordination Center of China, and picked up by state-run media.

It claimed the volume of phishing sites increased 2.1 times from 2013 to 2014, to stand at 93,136 by the end of the year.

It was also claimed that the authorities found 36,969 websites in the country had been interfered with and 40,186 webpages had backdoors inserted.

Xinhua also reported that 4761 US IP addresses effectively controlled 5580 Chinese sites via backdoors, allowing remote access to computers in the Middle Kingdom.

Beijing periodically releases stats like these to support its long-held narrative that it is a victim, not a perpetrator of cyber-attacks.

Given the tight control the government and party have over all aspects of life in China, there’s no guarantee that the figures released last week are accurate.

China is regularly placed in or near number one spot as a top source of global attack traffic in Akamai’s State of the Internet report, for example.

The most recent one revealed China way out in the lead and increasing its share to 49% in Q3 2014 – up from 43% the previous quarter.

The US was in second place, accounting for 17% of global attack traffic, up from 13% the previous quarter.

Even this is no indication that Chinese hackers are the most prolific in the world – as compromised machines can be remotely controlled by attackers located anywhere.

In a similar way, the fact that a large number of US IP addresses were accused of controlling thousands of Chinese websites does not indicate that the hackers behind such attacks were American, according to Charles Sweeney, CEO of web filtering firm Bloxx.

“The IP addresses are no indicator of attack source and so whilst the Chinese may well have their suspicions, they could be jumping the gun accusing the US,” he told Infosecurity by email.

“What the report does show is that China has plenty of its own security problems. Much like any other country it needs to be sure that it is robustly protecting is virtual parameters.”

What’s hot on Infosecurity Magazine?