Jan 20 2010

PRC Gov Responses to Hacking Allegations – Timeline

Published by at 11:58 pm under China internet,Other attacks,UK Attacks,US attacks

All dates represent the date the article was published, not necesarily the date that the quote was made.

July 26, 2004
In response to accusations that the Chinese government was involved in computer intrusions against ROK government agencies
“Some media reports that the Chinese government might be behind the hacking incident are groundless” – Chinese Embassy in Seoul (no personal attribution)

December 15, 2005
Response to SANS comments about China being involved in world wide hacking
“Work units and individuals are not permitted to use the Internet to be engaged in illegal activities or commit crimes,… China has laws that make tampering with or cracking a computer’s code illegal.” – Qin Gang

August 27, 2007
In response to a Der Spiegel article that reported intrusions into the German governemnt
“The Chinese government attaches great importance to the hacker attack on the German government networks,” adding China would take “determined” and “forceful” measures to combat hacker activities. – Wen Jiabao

August 28, 2007
In response to the reports of Chinese attributed intrusions into the government of Germany
“The Chinese government has always opposed and prohibited any criminal activity that breaks down computer networks, including hacker attacks,… China has clear rules and regulations on this.” – Jiang Yu

September 4, 2007
In a public response to the FT article that suggested PRC government involvement in a Pentagon intrusion
“The Chinese government has always opposed any Internet-wrecking crime, including hacking, and cracked down on it according to the law” – An Lu (editor)

September 10, 2007
Response to reports about intrusions into the French government for which the French plainly stated that they have no evidence to indicate PRC gov involvement.
“Saying that the Chinese military has made cyber-attacks on the networks of foreign governments is groundless and irresponsible and are a result of ulterior motives” – Jiang Yu

April 9, 2008
In response to Business Week’s e-Spionage article
“The Chinese Government always opposes and forbids any cyber crimes including “hacking” that undermine the security of computer networks. Chinese laws and regulations are explicit in this regard.” – Wang Baodong

April 1, 2009
In response to Ghostnet report
“There is a ghost called the Cold War and a virus called the Theory of China’s Threat overseas,… Some people, possessed by this ghost and infected with this virus, ‘fall ill’ from time to time. Their attempts at using rumors to disgrace China will never succeed…  It is the ghost and the virus that should be ferreted out” - Qin Gang

May 15, 2009
Response to accusations of Chinese espionage in PACOM.
“We urge the United States to abandon Cold War mentality, stop its groundless accusations against China and do more to help build mutual trust between the United States and China and the friendship between the two peoples,” – Ma Zhaoxu
“The intrusion doesn’t exist at all”
– Jiang Yu

Jun 12, 2008
In response to reports of Chinese hacking into computers in the offices of Rep. Frank Wolf and Rep. Chris Smith.
“Is there any evidence? … Do we have such advanced technology? Even I don’t believe it,… I’d like to urge some people in the U.S. not to be paranoid,… They should do more to contribute to mutual understanding, trust and friendship between the U.S. and China.” – Qin Gang

January 19, 2010
In response to Indian allegations of Chinese hacking (following the Google intrusion)
“I can say that these accusations are groundless… The Chinese government is firmly against hacking activities and will deal with relevant cases in accordance with the law” – Ma Zhaoxu

January 22, 2010
In response to US Sec of State Hillary Clinton’s remarks about Internet Freedom and the Google intrusion
“We urge the United States to respect the facts and cease using so-called Internet freedom to make groundless accusations against China” – Ma Zhaoxu
“China resolutely opposes Clinton’s remarks and it is not true that the country restricts online freedom…” – Ma Zhaoxu

January 25, 2010
In response to US Sec of State Clinton’s request for a transparent investigation into the Google intrusion
“We are resolutely against those who make a issue of things without referring to actual facts by needlessly accusing China, ignoring Chinese laws and interfering in Chinese internal politics” – unnamed spokesperson for the State Council Information Office

“As the global landscape is undergoing profound irreversible shifts, the calculated free-Internet scheme is just one step of a U.S. tactic to preserve its hegemonic domination” – Yan Xuetong

January 25, 2010
Response to Google intrusion
The “accusation that the Chinese government participated in (any) cyberattack, either in an explicit or inexplicit way, is groundless and aims to denigrate China… We are firmly opposed to that” – unnamed spokesman for the Ministry of Industry and Information Technology to Xinhua

26 responses so far

26 Responses to “PRC Gov Responses to Hacking Allegations – Timeline”

  1. gao yulongon 21 Jan 2010 at 7:09 am

    Interesting time line presented to the readers, in it’s totality is very impressive.
    Just read Washington Times story China removed as Top Priority for Spies.
    http://www.washingtontimes.com/news/2010/jan/20/china-removed-top-priority-spies/
    The decision downgrades China from “Priority 1″ status, alongside Iran and North Korea, to “Priority 2,” which covers specific events such as the humanitarian crisis after the Haitian earthquake or tensions between India and Pakistan.
    The White House National Security Council recently directed U.S. spy agencies to lower the priority placed on intelligence collection for China, amid opposition to the policy change from senior intelligence leaders who feared it would hamper efforts to obtain secrets about Beijing’s military and its cyber-attacks.
    What do you think?

  2. CBRP1R8on 21 Jan 2010 at 11:57 am

    I think its a mistake on the part of the Whitehouse to drop there guard for even a second…we all know its coming, being prior intelligence community myself we’ve seen things in the past that indicate China’s in full gear up in espionage. Pardon my frankness, but being the only 2 real super-powers left the US and China are gonna tangle as the 2 biggest kids on the block always will do at some point. It’s like playing king of the mountain.

    Unfortunately for us, we’ve been backing off over the years after USSR’s fall and split up and concentrating on all these little efforts all over the world trying to play world police where we should have been working at building up our own infrastructure, security and economics then maybe thingsl ike 9/11 might not have happened. Meanwhile, china has been pressuring the world militarily growing, its got the fastest growing economy in the world and its (i think) still number one in population. The only failing China has is its ability to grow food for that populace and to sustain it.

    Going back to the 2 biggest kids tangling, as it comes down to it, China’s going to seek every opportunity to steal data whereas they won’t have to invest into research which is why they are going for governments, contractors and source code of companies to steal as much intellectual property as they can because they are behind in that realm and why spend money when someone else already has and you can get it for free thru the interwebs.

    The u.s. will have to play to win in this game. It must upgrade critical infrastructure, put defense into networks, work with companies to devise a national strategy to defend against these sort of attacks/intrusions and countermeasures/responses. Establishment of a national anti-intrusion militia would go far (as china has supported un-officially internally with the red hacker army) + there 30-40k strong internal PRC computer group. If U.S. is gonna compete they need to get there heads in the game and get it out of the clouds. That is unless they are playing opossum. (?) That’s the question i’d have for the NSC.

  3. gao yulongon 22 Jan 2010 at 6:36 am

    Sounds views you expressed quite well….just wish your where speaking before Congress or the Senate

  4. El Brew Hoon 22 Jan 2010 at 4:31 pm

    good discussion, CBRP1R8 makes some good points but there’s one that I think is debatable.
    “we’ve been backing off…and split up and concentrating on all these little efforts…where we should have been working at building up..”
    This sounds like it suggests we should try to be the same as China and outdoing them at it, developing a centralized authoritarian monolithic environment instead of choosing to reinforce and develop our fundamental difference as a democratic society finding strength through diversity.
    Remember that the Internet and TCP/IP were developed to create a network of autonomous systems. History seems to show that consistently those technologies that require lockstep central control will falter and those allowing flexible interaction will succeed. Consider token ring vs Ethernet’s CDMA architecture, or mainframes vs distributed open systems (***xes and PCs).
    Before we try to do like China but moreso, take a look at this story and think about the checks and balances that are lacking in a centralized system: http://www.msnbc.msn.com/id/34958798/ns/world_news-asiapacific/
    We need to accept that government regulation is necessary, without looking to government to solve everything for us. These days it seems we want government to solve the problems for us but without restricting us from total freedom to do whatever we want. Can’t have it both ways.

  5. [...] PRC Gov Responses to Hacking Allegations – Timeline xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx The Multitasking Fast-Flux Botnet that Wants to Bank With You xxxxxxxxxxxxxxxxxxxxxxxxxx Hackers Brew Self-Destruct Code to Counter Police Forensics [...]

  6. CBRP1R8on 27 Jan 2010 at 12:26 pm

    I think we’re pretty close to saying the same thing @El Brew Ho. I think maybe I didn’t explain it well enough though. What I was considering a layered defense in depth not just within the government but within the critical infrastructure businesses as well as working close with other non-critical infrastructure companies to get them up to speed. Basically, your average worker needs to be brought into the realm of knowledge so that at least they are aware of what’s going on in the cyber world around them.

    For instance my comment wasn’t to say something along the lines of cmda ethernet vs token ring, working with both those systems anyone can see the flexibility is a much better system, but what i’m saying is that redundancy in systems at a network level needs to be brought to the forefront at a national level, not only in military networks but down to the ISP, the commercial companies as well as critical infrastructure. If need be I would hope that it not be government mandated but it might have to be to help move the program along.. WE lose billions daily to this stuff in the economic sector.

    Just looking at the DataLoss DB which keeps track of breaches that are reported (many go unreported daily) but each breach worth 200 bucks it adds up quickly. Oh, btw I ran across this great link today while doing some research on Aurora attacks and but it pretty much states why we need it in this instance and at a minimum to protect at least critical infrastructure. Not only that, but this happened over a year before the Aurora attacks and went unreported.

    http://www.csmonitor.com/USA/2010/0125/US-oil-industry-hit-by-cyberattacks-Was-China-involved

    here’s another one that a buddy sent me on NYT post but its more along the 5 w’s of the aurora attacks…

    http://www.nytimes.com/2010/01/26/world/26cyber.html

    Bottom line…we need to get people on the same page…and work together to solve this…government, critical infrastructure and big /small business…

  7. thePullon 27 Jan 2010 at 7:36 pm

    ***The People’s Daily, however, didn’t take the speech calmly.

    “Behind what America calls free speech is naked political scheming. How did the unrest after the Iranian election come about?” said the paper. “It was because online warfare launched by America, via YouTube video and Twitter microblogging, spread rumours, created splits, stirred up and sowed discord between the followers of conservative reformist factions.”

    ***

    So, in these guy’s eyes, Iran’s Ayatollah, far right wing, crazy mullah government equals good?

    Funny how totalitarian supporters show they can always set aside political or religious differences in the name of tyranny, their only real love.

    I truly doubt that editor speaks for the entire chinese people and government, of course. Does anyone really want to live in bondage to arbitrary, morally inferior people?

    Haven’t we all learned on this little planet Dark Ages == Bad?

    I know this is rocket science, but seriously.

    And as for the US “starting” the move towards freedom in Iran? I guess, in a sense, we sure did. 1776. Yes, freedom is in our best interests. Freedom and and the rights of man.

    *Not to take all the credit for the freedom thing*. Just would be nice if Chinese stood forward and tried to take some anti-tyranny credit themselves!

    This sort of backlash is horribly apparent to the world. I am very sure it is not at all apparent to totalitarianist figures drowning in their power and “yes men” always confirming their delusions… but you put this stuff on the international stage — it doesn’t fly. It is horrible.

  8. doesnt_matteron 27 Jan 2010 at 9:28 pm

    How do you know the youtube videos and tweets were not, in fact, created by some organization beholden to us.gov?

  9. doesnt_matteron 27 Jan 2010 at 9:46 pm

    CBRP1R8 proposes that .gov tell businesses 1) how to react to world events and 2) how to react to media reports and 3) how to bulk up to defend against possible future world events.

    This idea is different than China’s .gov *how* ?

  10. doesnt_matteron 27 Jan 2010 at 9:47 pm

    <—–remembers Oliver North. .gov sheet happens.

  11. CBRP1R8on 29 Jan 2010 at 12:27 pm

    @doesn’t_matter- 1) because the .gov as you put it isn’t telling us how to react to events its the fact that they need to give companies the information that they may know (intelligence wise) to react to these events in partnership with the goverment to protect private networks.

    2) lol, you are kidding right…free speech baby…the ability to research all news outlets for our own opinions on a matter is rule #1..not take all the cnn crap propoganda they try to feed you but the ability to research and come to a decision on your own (business or personal) and that is different to the GFW china has in place …can they find ‘freedom of speech’ ? can they search tianamen sq? Can the “average” person do this stuff without getting stopped by the GFW?

    3) no i’m not saying that they have to tell business how to defend itself, i’m saying it should be a partnership that helps business..critical infrastructure is an entirely different animal however and should be deeply partnered with .gov because an attack on crit infrastructure could be seen as an act of war against the nation itself…just as if I were to go to another nations miltary hq and set off a bombing taking out a critical function of security of that nation…

    4) Ollie for President….:D

  12. CBRP1R8on 29 Jan 2010 at 12:35 pm

    oh and 2 more links today..to support some movement forward…

    http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=222600355

    http://news.asiaone.com/News/Latest%2BNews/Asia/Story/A1Story20100127-194834.html

    and this one, although a fake site…what if the rest of the article is right and Baidu was the one now implementing this new “code” on their site garnered directly from google…

    http://www.itworld.com/internet/94556/fake-google-search-engine-emerges-china

  13. thePullon 29 Jan 2010 at 5:09 pm

    **How do you know the youtube videos and tweets were not, in fact, created by some organization beholden to us.gov?***

    Occam’s friggin razor.

    Iran has a huge youth population that is relatively modern, of course this is a long expected and natural result of youth to codgy, world attacking, overly conservative establishment.

    Further, what does one expect from Iran’s establishment, they are making all sorts of completely unnecessary problems for themselves with all of their nutty, religious fanatic moves. (None of which I see as benefiting China in the slightest, either. Does China want to trade with a stable country, or an unstable, religious fanatic country with a restless population??)

    Beyond this, I run across persians here and there, iranian-americans who have given me their opinions of things there, and have heard others. (There are a ton of second and first gen iranian-americans here, invariably they have all expressed such opinions as the current leadership being nuts. Granted, many of the persians I have or know here did come over because of the iranian revolution. But this is also observable online.)

    Also, because of how difficult and unnecessary this would be for the us.

    Nevermind the fact that historically, we have done terrible – terrible – at penetrating closed societies. For instance, with iraq we apparently only had a few people “on the ground” there. Historically, while we have had some intel successes, by far and wide, clearly we have been vastly ignorant on many matters — the india nukes, never penetrating North Vietnam, the **fall of the Iron Curtain**, the list just goes on and on and on.

    Finally, as roosevelt said, the guy behind the cia’s regime change of iran in the early fifties… ‘we could only have done that because the people wanted that and backed it, we should never try that otherwise’. Ironically. And that is a very true sentiment, observable from history and common sense.

    Might the US or other nations have aided some of this? No idea. I know from working in free speech stuff (Hacktivismo) we got zero funding — and even now with Clinton talking this stuff up, sheesh, 15 million? That is nothing. A pittance.

    It is conceivable, maybe, some secret thing went on, but what? Frankly, I would have liked to have seen *more video* from Iran exposing the tyranny. Funded by us. But, why? Who doesn’t have cell phones there and can’t upload to youtube? Pretty common sense. It is the natural evolution of society. It does not need governmental prodding.

    Today, because of the info revolution, and the various other advances of the Free World principles (not that anyone can not later join in, and I believe all eventually will, for everyone’s best good)… tyrannical systems can not operate as they did in the twentieth century.

    Hitler and Stalin could only succeed at what they did because they could hide it.

    When it got exposed, as it got exposed, if it got exposed, this brought on international movement and condemnation.

    (One who has studied other later regimes and these can consider that these regimes themselves and how exposure helped their downfall. Ultimately, with the Soviets it was from exposure of the misdeeds and mistakes that were hidden, which their own people – Gorbachev and crowd – went about finalizing. Without a consensus in Russia, that fall never would have happened. And it wasn’t a fall, was it?? Obviously, for Russia’s greater good.)

    Pol Pot, was able to keep going for awhile because there was still a lot of “hiding” possible. Rwanda happened relatively quickly, but had it been slower, less burst, more continued, I am certain we would have seen it be stopped by the world… which did help, eventually, though the rwandan’s themselves were the heroes there.

    Darfur is a good example of how this works. Sudan had been having serious problems for years, but as the info revolution allowed for more communication between concerned global citizens online… a movement was made, and helped, despite the lack of more technically available population to say, have internet access, access to free world philosophies, cell phone cameras, and the like.

  14. thePullon 29 Jan 2010 at 5:25 pm

    I should add here: the big thing that stands out to me is this myth some commentators from China have expressed that we are against their best interests, or for our own best interests.

    Yes, of course, someone who works for their nation – just like them – have an obligation to work for their own best interests.

    But, let’s reason this out. Why is China succeeding now? Because of the cultural revolution that nearly decimated everything unique and Chinese China has to offer the world??

    No, because of where and how they did open their society and economy.

    These foundation of “the Free World” is on solid, workable principles which make sense.

    Frankly, China’s “keeping back” is their own doing, by my book, and is everything they do which is not like what free world nations do.

    And it isn’t us they are competing with. That is only psychological, the whole “superpower” stuff. Or the problem of China having been such an advanced empire, and is, and culture… and never really getting the input on the world, as they should have had.

    They are competing with India and every other country emerging today to join us.

    In the best case scenario, I believe, everyone has to work together, and honestly and as transparently as possible.

    The corruption which such a system as China has… is directly routed to both the very western and perverted political system they embraced… a system we have already seen proven to be a failure, again and again… a system directly opposed to free world principles.

    It is also Chinese, as I have had chinese point out to me. It is effectively the ‘way it was’, only with different names, different people — same system you see the guys in the 19th century and so on fighting against.

    It is better, though, and hopefully will get better.

    But that requires vision, foresight from Chinese in the position to do it.

    It requires these people to lead, take charge… in the right direction: a direction that makes it better, easier for them to have internal countability, which can only be done by opening up the political system, the religious system, and the media system.

    How would that then hurt US interests? It would challenge us, I am sure. Because we can only compete because of these open, divergent systems we have in place. That is how we internally compete and keep the diversity required alive in these environments — the very diversity which produces excellence through competition.

    With all of this stuff China is clearly doing – and we all know the score – they are hurting themselves in the global eye. I do not want to see anyone feeling like this is a “fight” or they are “against the wall”.

    It can be hard for individuals to say, in leadership positions, “this is not working, I had that idea, but I now want to change directions”. Hitler used to never play games because he “saw it as not becoming a leader to lose”, for instance.

    But that is the right and best way.

    Look at Churchill. Who remembers his past years pre-Hitler? Or much of his struggles with alcohol or anything? It was his glowing, prime moments that defined the man, and rightly so.

    :)

  15. CBRP1R8on 01 Feb 2010 at 11:45 am

    woah, crazy as it sounds, you mentioned the recent protests in iran…my wife is right up there in that….she’s iranian born in abajan and her family still lives there all over from tehran to the south….

    Its funny that you mentioned just for the fact that during that she was one of those tweeting or whatever you call it everything that was going on and posting and reposting thousands of links and pictures…

    they got so bad that the 2nd she posted them they would delete them..she get up set an I’d hear her yelling and cursin’ in the computer room and then pasting them in again..lol…

    she had direct inside scoop as to what’s going on in country thru her family’s network (iran, turkey, greece etc) when phones were working she’d get pictures and calls, when it wasn’t she’d be on posting stuff…hacktovist…

  16. doesnt_matteron 02 Feb 2010 at 12:45 am

    And yet, Iran’s Green Army nearly caused an international incident with China’s Baidu; that’s really pretty far from Occam’s razor, where is there a rational motive for that other than testing one’s wings?

    IMO eagles everywhere are stretching their wings, and flight amongst them all should not be unexpected by anyone. What makes you think the US would refrain from taking flight in a world where dominance might depend on it?

    I repeat, how do you *know* that attacks on US corporations who may be doing active business with foreign countries are not being infiltrated by US operatives under the guise of foreign proxies thus masking their source. Without the cooperation of China to track down those sources, you can not possibly make an accurate assumption.

    I refuse to be swayed by political rhetoric and yet proof can not be had.

  17. [...] The Dark Visitor: http://www.thedarkvisitor.com/2010/01/prc-gov-responses-to-hacking-allegations-timeline/ [...]

  18. Tom - 大肚腩on 08 Feb 2010 at 4:07 am

    Strange how doesnt_matter floats conspiracy theories about tweets being the work of some .gov program, yet turns around and accepts on blind faith that baidu was actually hacked by the Iranian Green Army, because somebody redirected via DNS baidu to some site that hosted the same image that was used during the Twitter hack.

    For all I know baidu redirected their DNS temporarily on behalf of the CCP to some site they set up with a screen cap of the twitter hack in order to support claims by the CCP that they are the objects of hacks too.

  19. CBRP1R8on 08 Feb 2010 at 3:34 pm

    http://www.cnn.com/2010/TECH/02/08/china.hackers/index.html

    its fm cnn so take it w/ a grain of salt to the validity…but its another datapoint

  20. Chason 08 Feb 2010 at 4:31 pm

    The “China Code” claim is questonable IMHO:

    - The Register found the 4-bit CRC algorithm in a 1988 Novell programming book.

    - Variable names are stripped out during compile. Google “crc_ta[16]” gets bunch Chinese sites, but google “crc_table[16]” turns up code snippet outside China.

    - The code in the Chinese whitepaper doesn’t even match Aurora. Aurora machine contains a 12-bit shift optimization (found as early as 1988 according to The Register article):

    crc16 >> 12

    however the code passed around on Chinese sites is unoptimized code using two divisions:

    ((uchar)(crc/256))/16

    Details people, details.

  21. [...] Dark Visitor har lavet en tidslinje fra 2004-2010. Den viser udmeldinger fra den kinesiske regering, og hvad den har svaret på beskyldninger om kinesiske hackere. [...]

  22. gao yulongon 11 Feb 2010 at 7:43 am

    Any thoughts about recent reports:
    China says it shut down online academy for hackers, found in LA Times……….
    Police in Hubei province announced to the Chinese media over the weekend that they had closed down the operation, which state media said was the largest training site for Chinese hackers, and arrested three of its ringleaders. Black Hawk is accused of collecting more than $1 million in tuition from 12,000 subscribers and 170,000 others who took its online courses, according to Chinese media.
    by Barbara Demick ?????

  23. jumperon 11 Feb 2010 at 10:39 am

    @gao_yulong I was at shmoocon over the weekend and didn’t get a chance to post anything about it. I’ll get back on the ball soon.

  24. gao yulongon 12 Feb 2010 at 7:02 am

    When time permits gives your read on event at ….DC
    Snow, snow, snow
    inside………busy, busy, busy

  25. gao yulongon 19 Feb 2010 at 7:38 am

    The New York Times reported that the attacks have been traced to computers at China’s Shanghai Jiaotong University and the Lanxiang Vocational School. Any insights to this recent story in the “Times”?
    Found here: Google Probe Studies Role of China Schools
    http://online.wsj.com/article/SB10001424052748703787304575074703728470246.html

  26. jumperon 19 Feb 2010 at 12:16 pm

    Just made a new post about it. Interesting development. It would be nice if there was more than an IP address to go on though.