According to a report by McAfee, in the last three months of 2009, about 1,095,000 computers in China and 1,057,000 computers in the United States were infected and made part of botnets used to send spam or attack Web sites. Those numbers are in addition to the 10 million previously infected computers in each country.
Stewart A. Baker, the former assistant secretary for policy at the Department of Homeland Security, points out the obvious in the Washington Post article describing the report when he says that the number of botnet computers in a country says more about the vulnerability of the computers than about those who infected them. Indeed, having so many hacked computers may indicate that China is not the source of as much malicious conduct as is attributed to it. Baker points out: “A nation that might want to use botnets as part of an attack probably would want to have its own computers bot-free and commandeer computers in other countries.” Although it would be easy to cynically surmise that US interests are using Chinese computers while Chinese interests are simply commandeering US computers, we have a wide world of hackers that makes assigning blame much more complicated.
While the blame game plays out, China continues to deny any government role in hacking or network exploits and has purportedly cracked down on “hacking training sites” as per this recent article in China Daily. According to the article, Black Hawk Safety Net was the largest hacker training site in China. It openly recruited members, disseminated hacker techniques, sold Trojan software and maintained online forums. Those who ran the Black Hawk Safety Net were arrested under a new Chinese law that criminalized the offering of online attacking programs and software. The article reports that Chinese Police used more than 50 officers to investigate the case.
Although it remains to be seen whether the widely publicized Google attacks emanating from China were orchestrated by the Chinese Government, it does not really matter. What is clear is that these sorts of sophisticated attacks are not going away any time soon. Whether attacks are caused by Chinese nationals, the Chinese Government or other foreign hackers, companies need to put their combat boots on and throw away the old rules of engagement. War is being waged against your business. Protect your digital assets or risk everything. It’s that simple.