China names Japan and US as top cyberattackers

We are victims too, Chinese CERT claims

China is on the receiving end of a growing volume of cyberattacks with Japan and the US the biggest culprits, the country's National Computer Network Emergency Response Technical Team (CNCERT/CC) has announced.

The number of infected computers it had detected reached 8.9 million in 2011, up from 5 million a year earlier it said, many infected with data-stealing Trojans.

It also said that 10,593 Chinese websites were being "controlled" by 11,851 foreign IP addresses, with a total of 1,116 websites, including 404 Government sites, defaced from outside the country.

Pointedly, the report blamed Japan for 22.8 percent of these attacks, just ahead of the US on 20.4 percent, with South Korea third on 7.1 percent. The other 50 percent of attacks were not broken down.

"This shows that Chinese websites still face a serious problem from being maliciously attacked by foreign hackers or IP addresses," CNCERT's Wang Minghua was reported as saying during a news conference.

The very public announcement is a reminder that while China is usually the country being accused of industrial-scale cyberhacking, such activities work in both directions. Attacking other countries eventually brings back the same treatment upon your own systems, or perhaps China has been a victim all along but has simply chosen not to publicise this fact.

The moment cyberwarfare crossed from being a mostly technical worry to a geo-political one was a speech given by in early 2010 by US Secretary of State Hillary Clinton in the aftermath of the notorious Aurora hacking attacks on Google and others.

"In an interconnected world an attack on one nation's networks can be an attack on all. By reinforcing that message we can create norms of behaviour among states and encourage respect for the global networked commons," Clinton said, mentioning China by name.

The US had long moaned about Chinese cyberbehaviour but never before had a senior member of a US administration made such uncompromising public remarks. Only two years later, the geo-political is now the dominant filter through which anything 'cyber' is first considered - including for the Chinese.

The accusation against Japan is especially significant, coming after a period in which China itself was blamed for an extraordinary sequence of attacks against Japanese defence companies and Government.

Copyright © 2012 IDG Communications, Inc.

Microsoft's very bad year for security: A timeline