Salesman: Hackers use Chinese company's servers

Feb 11, 2011 By JOE McDONALD , AP Business Writer
In this file photo taken on Friday, March 12, 2010, people use computers at an Internet cafe in Fuyang, in central China's Anhui province. China has the world's biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere. (AP Photo) CHINA OUT

(AP) -- A Chinese man cited by a U.S. security firm as being linked to cyberspying on Western oil companies said Friday his company rents server space to hundreds of hackers.

The disclosure highlighted the pervasiveness of both professional and amateur hacking in China, a leading source of Internet crime. But it also left open the possibility that the hackers cited in a report Thursday by McAfee Inc. might be non-Chinese who concealed their identities by routing thefts through computers in China.

The man cited by McAfee, Song Zhiyue, is a salesman for a company in the eastern city of Heze that rents server space. He said he has heard of Chinese hackers targeting U.S. but he declined to comment on McAfee's report. It said Song provided crucial infrastructure to the hackers but wasn't believed to be the mastermind.

"Our company alone has a great number of hackers" as customers, Song said in a telephone interview. "I have several hundred of them among all my customers."

Song said hackers using his company's services had an estimated 10,000 "meat computers" controlled remotely without the owners' knowledge. He said "yes" when asked whether such activities might be improper but he said Chinese authorities never have contacted him about them. He hung up the phone when a reporter asked for other details.

McAfee said the hackers broke into computers of oil and gas companies in the United States, Taiwan, Greece and Kazakhstan and stole sensitive information about bidding on oil and gas fields, operations and financing.

McAfee's report gave no indication that China's state-owned benefited from the spying. But Chinese energy companies are expanding abroad and such information could be useful as they compete for access to oil and gas resources.

Spokesmen for several American, British and Greek oil companies said they either were unaware of the hacking or could not comment on security matters.

A vice president of Taiwan's biggest oil company, Chinese Petroleum Corp., said it had detected no hacking of its computers. The executive, Paul Chen, said it would investigate.

China's police ministry did not immediately respond Friday to questions about whether it knew of the attacks or was investigating them. Taiwan's computer crime office was not aware of the attacks, said a police official. He spoke on condition of anonymity because he was not permitted to talk to reporters.

Security experts say China is a center for , including espionage against major companies. The government denies it is involved but experts say the high skill level of some attacks suggests the Chinese military, a leader in cyberwarfare research, or other agencies might be stealing technology and trade secrets to help state companies.

McAfee said the attacks in its report began in November 2009. It said extraction of information occurred from 9 a.m. to 5 p.m. Beijing time on weekdays, suggesting those involved were working a regular job, not freelancers or amateurs. It said they used hacking tools of Chinese origin that are prevalent on Chinese underground hacking forums.

The hackers expressed a strong interest in financial information, according to Dmitri Alperovitch, McAfee's vice president of threat research.

Thousands of Chinese computer enthusiasts belong to hacker clubs and experts say some are supported by China's military to develop a pool of possible recruits. Experts say military-trained civilian hackers also might work as contractors for companies that want to steal technology or business secrets from rivals.

China has the world's biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere.

Last year, Google Inc. closed its China-based search engine after complaining of cyberattacks from China against its e-mail service.

That case highlighted the difficulty of tracking . Experts said that even if the Google attacks were traced to a computer in China, it would have to be examined in person to be sure it wasn't hijacked by an attacker abroad. Beijing has yet to respond publicly to U.S. Secretary of State Hillary Rodham Clinton's appeal last year for an investigation of the Google attacks.

Explore further: Google searches hold key to future market crashes

More information: McAfee Inc.'s report: http://bit.ly/hvV38n

5 /5 (1 vote)
add to favorites email to friend print save as pdf

Related Stories

Report: Hackers in China hit Western oil companies

Feb 10, 2011

(AP) -- Hackers operating from China stole sensitive information from Western oil companies, a U.S. security firm reported Thursday, adding to complaints about pervasive Internet crime traced to the country.

Chinese army must deal with cyberwarfare: state media

Dec 02, 2010

China's army should seriously consider how to deal with cyberwarfare amid severe threats to online and information security, state media said Thursday, days after authorities detained hundreds of hackers.

Google complaint highlights China-based hacking

Feb 03, 2010

(AP) -- Google's accusation that its e-mail accounts were hacked from China landed like a bombshell because it cast light on a problem that few companies will discuss: the pervasive threat from China-based cyberattacks.

Chinese police shut down hacker training business

Feb 08, 2010

(AP) -- Police in central China have shut down a hacker training operation that openly recruited thousands of members online and provided them with cyberattack lessons and malicious software, state media said Monday.

China rejects claims of Internet hacking attacks

Jan 25, 2010

(AP) -- The Chinese government denied involvement in Internet attacks and defended its online censorship Monday after the United States urged Beijing to investigate complaints of cyber intrusions in a dispute ...

Recommended for you

T-Mobile deal helps Rhapsody hit 2M paying subs

11 hours ago

(AP)—Rhapsody International Inc. said Tuesday its partnership with T-Mobile US Inc. has helped boost its number of paying subscribers to more than 2 million, up from 1.7 million in April.

Airbnb woos business travelers

12 hours ago

Airbnb on Monday set out to woo business travelers to its service that lets people turn unused rooms in homes into de facto hotel space.

User comments : 0