Domestic networks facing serious threat from overseas, specialist says

Online attacks on domestic networks, originating from IP addresses and servers in other countries and regions, have grown sharply this year, according to a government specialist who warns that Internet security faces increasing threats.

About 7.8 million computers were affected in 27,900 attacks, originating in other countries and regions, between January and June, according to the National Computer Network Emergency Response Technical Team.

The United States hosted many of the overseas command and control servers used in the attacks (24.2 percent), followed by Japan (17.2 percent) and South Korea (11.4 percent), the team reported.

"Online attacks against our country are coming from outside our borders and the situation is growing more serious," said Zhou Yonglin, the team's administration and operation director, in an exclusive interview.

The number of computers affected so far this year almost equals the number caused by 47,000 attacks in 2011.

Hackers use IP addresses and servers overseas to infect networks with Trojan viruses and create Botnets, collections of compromised devices, Zhou said.

Authorities went on red alert in April when Anonymous, an international group of "hacktivists", said it planned to destroy 46 websites run by enterprises, including five in China.

That same month, hackers from the Philippines defaced several Chinese websites and left insulting messages amid a dispute between Beijing and Manila over Huangyan Island.

Team GhostShell, another hacktivist group, also threatened in June to infiltrate government, education and medical websites in China.

Although there is a threat from abroad, Zhou added that "it is possible that someone in China could control an IP address or server overseas to launch an online attack on Chinese websites and computers".

An emergency response team, a department under the Ministry of Industry and Information Technology, has been monitoring the Internet since 1999.

Zhou said that some attacks are obvious, such as when a hacker "defaces" a Web page either to express an opinion or simply because they can.

"Many Chinese websites lack the capability to repel attacks which is why they are often broken into and tampered with," he said.

Other attacks are aimed at spreading sophisticated malware codes that infect computers and install a "back door", he said.

"This allows a criminal to steal private information, infiltrate inner networks or use the malware as a proxy to attack other computers," the director said. "Back-door software is the most dangerous threat to online security as such attacks are hard to identify by webmasters and users."