Thursday, 4 March 2010

Black Hawk down - but the rest?

Many doubt Beijing’s push to curb hackers

2 comments:

Guanyu said...

Black Hawk down - but the rest?

Many doubt Beijing’s push to curb hackers

Barbara Demick
10 February 2010

The pitch was tantalising: Just a little training and you too could hack websites, earning thrills, power and, in many cases, money.

“Guaranteed successful attack tools!” is how Black Hawk Safety Net advertised its online academy for hackers. “Spare one minute to learn and you’ll make your life more exciting.”

Police in Hubei province announced to the media at the weekend that they had closed down the operation, which state media said was the largest training site for Chinese hackers, and arrested three of its ringleaders. Black Hawk is accused of collecting more than US$1 million in fees from 12,000 subscribers and 170,000 others who took its online courses, according to Chinese media.

Police actually shut down the network in November, two months before Google made international headlines when it said it might leave China after it was hit by a series of cyber attacks originating there.

To some, the announcement now suggests that the Chinese government could be getting more serious about cracking down.

“In legal terms, these hacking crimes are completely new and only recently have prosecutors understood how dangerous they are,” said Beijing lawyer Li Xuxi, who applauded the arrest of Black Hawk’s founders. “In China, as elsewhere in the world, the trend is to get stricter with these kinds of crimes.”

But critics say the arrests may be little more than a propaganda ploy amid the Google scandal. The Black Hawk arrests “seem aimed at bolstering the foreign ministry’s claim that China is getting tough on hackers. This is meant for an international audience, not for domestic criminal prosecution,” said James Mulvenon, a director of the Centre for Intelligence Research and Analysis at Defence Group, based in Washington.

If China is going to get serious about hacking, prosecutors have their work cut out for them. On the Web, in magazines and on occasional bus-stop advertisements, internet users are beckoned with invitations to become heike, or “black visitor”, the Chinese term for hacker. Even the names “EvilOctal” and “Dark Security Team” make unvarnished appeals to the criminal side.

“Most of the members are really young, still students, and they are drawn by the mystique of being a hacker,” said a well-known Chinese hacker who goes by the name Lyon. “China’s internet security is still very weak, so it is a hothouse environment for nurturing these kinds of businesses.”

Some hacker networks say they provide a service by hacking into websites and then selling their services to bolster security for those same sites. But other groups teach how to break into financial accounts to steal money or how to disable the websites of competitors.

Some claim their motives are purely political.

“We are the real patriotic youth. We’ll target anti-China websites across the nation and send it as a birthday gift to our country,” boasted a website called 2009.90, which, when opened, showed an image of a fluttering Chinese flag.

Security consultants say it is hard to know what proportion of hacking from China is the work of individuals and whether the government is involved. But some say the high skill level of some attacks suggests China’s military or other agencies may have trained or directed the hackers.

“The scale, operation and logistics of conducting these attacks - against the government, commercial and private sectors - indicate that they are state-sponsored,” security firm Mandiant Corp said in a report last month. “The Chinese government may authorise this activity, but there is no way to determine the extent of its involvement.”

One of the difficulties in cracking down on hackers is their level of acceptance in society. Top Chinese hackers hold a yearly conference in Beijing under the name Xcon.

Guanyu said...

Moreover, some cyber warfare experts have accused the Chinese government of sponsoring sophisticated attacks, such as those against rights groups and political adversaries such as the Dalai Lama, Tibet’s exiled spiritual leader.

Black Hawk and other academies, Mulvenon said, have not been implicated in the major attacks.

“These academies like Black Hawk are primarily money-making ventures, like self-help schools for people who want to better themselves,” he said.

The Black Hawk site started up in 2005 in Xuchang, a Henan province city bordering Hubei. It came to the attention of the authorities in 2007 when an internet cafe owner complained that his internet service stopped working and that somebody was demanding more than US$1,000 to restore it, according to a report in the Hubei provincial newspaper.

Eventually police arrested the perpetrators and traced the attack back to Black Hawk. Offices rented by the company were raided in November. Two of the founders of Black Hawk were arrested in December and a third man in January, according to the official media.

Although Black Hawk’s original website, 3800hk.com, could not be accessed, a notice purportedly from Black Hawk circulating on online forums said that a backup site had been set up. The notice also sought to reassure members of its continued operations and said its reputation was being smeared by some internet users.

“At this time, there are internet users with evil intentions who have deliberately destroyed Black Hawk’s reputation, deceived our members and stole material,” the notice addressed to members said. “We must join forces and attack these websites.”

A customer service officer contacted by phone, who refused to give his name, said the backup site provides content for its paying members to download course material to allow them to continue their computer lessons - although not in hacking.

The Hubei government refused to comment on Monday, while officials at the provincial public security bureau did not respond to repeated requests for comment.

Black Hawk members say they do not believe the bust will make a dent in China’s hacking culture.

“I’m not worried about Black Hawk being taken down at all,” Zhang Quanhua, a 46-year-old website designer, said in an e-mail interview. He said he was using the site to brush up his computer skills.

“There are tons of similar forums just like Black Hawk. Any forums that break the law will be taken down, but they will be OK as long as they are not hacking for profit.”

McClatchy-Tribune. Additional reporting by Associated Press