Chinese Hackers May Launch Anti-U.S. Cyber Attacks

Copyright, Reuters News Service, Fair Use for Education and Research Only

Friday April 27 1:35 PM ET

By Jim Wolf

http://dailynews.yahoo.com/htx/nm/20010427/wr/china_usa_hackers_dc_1.html

WASHINGTON (Reuters) - Chinese ``hackers'' have vandalized some U.S. Web sites and may lash out next week in a coordinated political protest, U.S. cyber police and computer security companies warned on Friday.

``Chinese hackers have publicly discussed increasing their activity'' from Monday through May 7, a period when significant dates are marked in China, the FBI-led National Infrastructure Protection Center, an interagency task force, said on its Web site late on Thursday.

It urged system administrators to step up surveillance of Web pages and the computers that store and distribute e-mail. In addition, they should be on alert for so-called denial-of-service attacks, or attempts to swamp a site with more electronic traffic than it can handle.

The advisory did not suggest the feared blitz was endorsed by Chinese authorities. Anti-virus software companies urged users to make sure they had updated programs to protect their computers.

May 1 is International Workers' Day and China marks Youth Day on May 4. May 7 is the second anniversary of the bombing by a U.S. warplane of the Chinese Embassy in Belgrade, which NATO called a mistake but many Chinese said was intentional.

Anger over the April 1 collision between a U.S. Navy reconnaissance plane and a Chinese fighter jet has already sparked a surge in vandalism of Web sites, the infrastructure protection center said.

``To date, hackers have unlawfully defaced a number of U.S. Web sites, replacing existing content with pro-Chinese or anti-U.S. rhetoric,'' it said in the advisory on http://www.nipc.gov/.

Shrine To Wang Wei

At least one site has been transformed into a kind of shrine to Wang Wei, the F-8 fighter pilot lost at sea after intercepting the U.S. EP-3 electronic eavesdropping plane over the South China Sea.

The FBI-led center also linked a virus known as Lion to China. It said the ``worm,'' or malicious code, was capable of sending files storing passwords from a victim site to an e-mail address in China.

Some U.S.-based hackers apparently have begun to deface Web sites in China in a kind of tit-for-tat reminiscent of other conflicts, said Rob Clyde, chief technologist of Symantec (NasdaqNM:SYMC - news), which calls itself the world's biggest Internet security company.

Systems administrators should take the warning seriously, he said, citing discussions monitored on some of what he said were the 30,000 hacker-oriented Web sites on the Internet.

``In general, the (infrastructure protection center) warnings tend to be understated rather than overstated,'' Clyde added in a telephone interview on Friday from Symantec headquarters in Cupertino, California.

``We are concerned that viruses and worms may be let loose,'' he said. He named a group calling itself the Hackers Union of China as one of those threatening to launch attacks.

Brian Dumphy of Alexandria, Virginia-based Riptech, Inc., another Internet security company with worldwide clients, said denial of service attacks normally would be preceded by probing of networks for vulnerabilities.

``Right now, though, we have not seen that spike,'' he said, adding that his company would know of any unusual activity through monitoring of its client sites.

Political disputes have spilled over to the Internet in recent years, largely through defaced Web pages. Targeted sites have included ones associated with Israel, on one side, and its Arabs neighbors on the other, as well as China and Taiwan.

-- Robert Riggs (rxr.999@worldnet.att.net), April 27, 2001