09/18/2002

Text of report by Doug Nairne entitled: "State hackers spying on us, say dissidents" by Hong Kong newspaper South China Morning Post (Business Post supplement) on 18 September

Overseas-based dissident groups have been bombarded with Internet virus and hacking attacks from mainland sources in what they say is a coordinated attempt to disrupt their operations and spy on their computer networks.

The targeted groups are the same ones whose Web sites this month became inaccessible to mainland users through the Google search engine, leading some to suggest that the attacks are part of a wider campaign to crack down on what Beijing views as [different voice].

The dissident groups say the scale of the attacks goes far beyond what they have experienced in the past, making it unlikely that it is the work of amateur Chinese hackers. Some of the attacks have been traced to China Telecom regional offices in several provinces.

"In some cases we can pinpoint the actual workstation, office, and street address that the [attack] originated from," said Greg Walton, an Internet activist who works with [...] freedom groups. "If this is Chinese hackers playing around, then they are Chinese hackers employed by a state-owned industry operating on the state's time."

The attacks have come in the form of hundreds of e-mails using false or spoof addresses which appear to come from a friendly source. [...]

The e-mails contain so-called Trojan horse programmes which seek out files and attempt to e-mail them to an address on the mainland. Other files open so-called back doors, allowing hackers to take control of the target computer through its Internet connection.

"It has never been as bad as things have become in recent months," Mr Walton said.

Bill Dong, a spokesman for Dynamic Internet Technology, a company providing technical services to Voice of America's Chinese-language Web site, said the attacks started at the end of April, around the same time the Minister for Public Security, Jia Chunwang, urged mainland law enforcers to be more aggressive in fighting [...] foreign forces [criticizing the communist totalitarian regime] via the Internet.

"We believe the viruses were specially created as an organized massive attack," he said.

Mr Dong said the viruses were mainly targeting well-known e-mail addresses for Falun Gong Web sites, banned news sites and technology sites set up to penetrate the information blockade in China such as freenet-china.org. They have also been sent to mailing lists and a wide range of groups Beijing [doesn't like].

The organizations said their security software had so far prevented any large-scale damage that they know of, but that it was impossible to tell how many of their computers may have been infected. There are reports that the virus activity has increased in recent weeks as China gears up for the 16th Communist Party Congress in November.

[...]