|
ˇ@
Cyberattacks traced to Chinese schools
PRACTICING NEW SKILLS: Investigators have found links to
an elite Chinese university and a vocational school, and even to a specific
class taught by a Ukrainian professor
NY TIMES NEWS SERVICE, SAN FRANCISCO
Saturday, Feb 20, 2010, Page 1
A series of online attacks on Google and dozens of other US corporations have
been traced to computers at two educational institutions in China, including one
with close ties to the Chinese military, people involved in the investigation
said.
They also said the attacks, aimed at stealing trade secrets and computer codes
and capturing the e-mails of Chinese human rights activists, may have begun as
early as April, months earlier than previously believed. Google announced on
Jan. 12 that it and other companies had been subjected to sophisticated attacks
that probably came from China.
Computer security experts, including investigators from the National Security
Agency, have been working since then to pinpoint the source of the attacks.
Until recently, the trail had led only to servers in Taiwan.
If supported by further investigation, the findings raise as many questions as
they answer, including the possibility that some of the attacks came from China
but not necessarily from the Chinese government, or even from Chinese sources.
Tracing the attacks further back, to an elite Chinese university and a
vocational school, is a breakthrough in a difficult task. Evidence acquired by a
US military contractor that faced the same attacks as Google has even led
investigators to suspect a link to a specific computer science class, taught by
a Ukrainian professor at the vocational school.
The revelations were shared by the contractor at a meeting of computer security
specialists.
The Chinese schools involved are Shanghai Jiaotong University and the Lanxiang
Vocational School, according to several people with knowledge of the
investigation who asked for anonymity because they were not authorized to
discuss the inquiry.
Jiaotong has one of Chinaˇ¦s top computer science programs. Lanxiang, in
Shandong province, is a huge vocational school that was established with
military support and trains some computer scientists for the military. The
schoolˇ¦s computer network is operated by a company with close ties to Baidu, the
dominant search engine in China and a competitor of Google.
Analysts differ on how to interpret the finding that the intrusions appear to
come from schools instead of Chinese military installations or government
agencies. Some analysts have privately circulated a document asserting that the
vocational school is being used as camouflage for government operations, but
other computer industry executives and former government officials said the
schools may be cover for a ˇ§false flagˇ¨ intelligence operation being run by a
third country. Some have also speculated that the hacking could be a giant
example of criminal industrial espionage, aimed at stealing intellectual
property from US technology firms.
Spokesmen for the Chinese schools said they had not heard that US investigators
had traced the Google attacks to their campuses.
When asked about the possibility, a leading professor in Jiaotongˇ¦s School of
Information Security Engineering said in a telephone interview: ˇ§Iˇ¦m not
surprised. Actually students hacking into foreign Web sites is quite normal.ˇ¨
The professor, who teaches Web security, asked not to be named for fear of
reprisal.
ˇ§I believe thereˇ¦s two kinds of situations. One is itˇ¦s a completely individual
act of wrongdoing, done by one or two geek students in the school who are just
keen on experimenting with their hacking skills learned from the school, since
the sources in the school and network are so limited. Or it could be that one of
the universityˇ¦s IP addresses was hijacked by others, which frequently happens.ˇ¨
At Lanxiang Vocational, officials said they had not heard about any possible
link to the school and declined to say if a Ukrainian professor taught computer
science there.
A man surnamed Shao, who said he was dean of the computer science department at
Lanxiang but refused to give his first name, said: ˇ§I think itˇ¦s impossible for
our students to hack Google or other US companies because they are just high
school graduates and not at an advanced level. Also, because our school adopts
close management, outsiders cannot easily come into our school.ˇ¨
Shao acknowledged that every year four or five students from his computer
science department were recruited into the military.
ˇ@
|
