Footage seeming to feature army-labelled software raises questions about China's denials of involvement in hacking
China's state broadcaster has shown footage apparently featuring army-labelled software for attacking US-based websites, security experts say.
Beijing has consistently denied claims that China has been behind cyber-attacks, insisting that it plays no part in hacking and is itself a victim.
The analysts cautioned that the six-second clip could be a mock-up by the broadcaster, CCTV, and that, if genuine, it was probably around 10 years old. Either way, it is in marked contrast to China's usual stance on the issue.
The footage emerged as the Pentagon's annual report to Congress on the Chinese military said the People's Liberation Army (PLA) had closed some key technological gaps and was on track for modernisation by 2020, including through investment in cyber capabilities. China's state news agency Xinhua denounced the document as a scaremongering "cock and bull story".
The footage CCTV showed was part of a cybersecurity documentary screened on its military channel last month – and removed from its website after US security analysts wrote about it.
The programme includes a detailed discussion of cybersecurity by Senior Colonel Du Wenlong of the PLA's academy of military sciences.
A narrator then discusses methods of attack as the screen shows software being operated by an unseen user.
The Chinese characters indicate an option for a distributed denial of service attack, a crude form of attack which disrupts access to a site by bombarding it with requests for data.
Another shot shows the words "attack system" and "PLA Electronic Engineering Institute" on screen. The user chooses a name – minghui.org – from a list of sites belonging to the banned Falun Gong spiritual movement and clicks on a button reading "attack".
The security-focused China SignPost site suggested the footage, if genuine, was likely to be more than a decade old because the method was so basic and because there were several such attacks on Falun Gong sites in 1999 and 2000.
Dr Andrew Erickson, an associate professor at the US Naval War College's China Maritime Studies Institute, and Gabe Collins, a commodity and security specialist, wrote: "It appeared to show dated computer screenshots of a Chinese military institute conducting a rudimentary type of cyber-attack against a United States-based dissident entity. However modest, ambiguous — and, from China's perspective, defensive — this is possibly the first direct piece of visual evidence from an official Chinese government source to undermine Beijing's official claims never to engage in overseas hacking of any kind for government purposes."
Asked if the footage had been mocked up, CCTV 7 said it did not respond to queries from foreign media. CCTV has been caught using misleading footage in the past – memorably in January, when shots from the movie Top Gun were inserted into a news report about PLA training exercises.
The foreign ministry in Beijing did not reply to queries.
The Washington Post said Wang Baodong, a spokesman for the Chinese embassy in Washington, declined to comment on the video but added: "It's no secret that Falun Gong and its subordinate institutions have been intensifying their subversive efforts against China in cyberspace. And China has every legitimate right to take action against such harmful activities to defend its national security interests." Cyber-attacks are becoming an increasing source of concern for governments around the world. The Pentagon said in a strategy document earlier this year that it would be willing to use conventional military action to retaliate against them.
Earlier this month, security firm McAfee claimed it had uncovered the biggest series of cyber-attacks to date and believed a state actor was responsible. Security experts suggested that was likely to be China. Last year the PLA announced it was setting up a special command to handle cyberwar threats, but said that the department was for defensive purposes. The US created a similar centre in 2009.
The US and Israel are also widely believed to have been responsible for the Stuxnet virus that reportedly disrupted Iran's nuclear programme.
--
Source: http://www.guardian.co.uk/world/2011/aug/25/china-cyber-attack-tv-hacking
~
Manage subscription | Powered by rssforward.com
0 comments:
Post a Comment