![dataloss logo](/images/dataloss-logo.png)
BreachExchange mailing list archives
Huge cyberattack on China was lone hacker, official claims
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 25 Sep 2013 22:34:19 -0600
http://www.scmp.com/news/china/article/1317101/huge-cyberattack-done-lone-hacker-official-claims The biggest ever cyberattack on Chinese domain servers last month was carried out by a lone hacker, according to a government official responsible for internet security. The explanation offered by the official shocked mainland internet security experts, with many highly sceptical of the story. Beijing last month reported what it described as the biggest ever cyberattack on Chinese domain servers - those domain names ending with ".cn" Wang Minghua, an operating officer with the National Computer Network Emergency Response Co-ordination Centre of China, was quoted by Sina Technology on Monday as saying a suspect in Qingdao , Shandong province, had been detained. Wang said the hacker used a real IP address - suggesting he had to be an amateur. Wang said the man wanted to bring down a game server but mistakenly attacked government servers hosting the country's domain. The co-ordination centre declined to provide more information when contacted by the South China Morning Post. Wang's claim contradicts an earlier official statement. Two weeks ago, Li Xiaodong, executive director with China Internet Network Information, told the People's Daily the attack was launched "by a group of hackers for commercial interest". The attack, Liu said, was launched through a large number of zombie computers - machines controlled remotely by hackers which allowed them to hide their identities. In last month's attack, traffic flow to the domain servers - mostly government or official websites - increased nearly 1,000 times in less than two hours, forcing down many websites. Liu Qing, a cybersecurity expert in Shanghai, said a single hacker could not have pulled off such an attack. "Last month's attack could have cost more than a hundred thousand yuan, if it was launched by a hacker in China," Liu said. "I don't think an amateur hacker could afford that."
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Huge cyberattack on China was lone hacker, official claims Audrey McNeil (Sep 30)