Just wondering. Is the Chinese Government being set up? One has to wonder why a year-old report by a British spy agency was only recently leaked to the press. Among other things, the report claims that free USB memory sticks loaded with trojan software was given to business leaders and lawyers at various Chinese trade events. Another report recently in the press indicates that classified documents from government and private organizations “including the computers of the Dalai Lama and Tibetan exiles” were hacked into. Really? The Dalai Lama? Another report indicates that oil drilling data was purloined by servers in China.
Given none of these attacks have any real direct linkage to the Chinese Government, the only two factors being used to implicate the Chinese Government relates to the sophistication of the attacks and the fact they originated on servers based in China. This is hardly persuasive evidence that the government was involved. There are any number of governments and large corporations able to perform these attacks. Moreover, the fact that servers in China are being used also does not really indicate anything. According to a report in Information Week, the country that hosted the most phishing sites in the third quarter of 2009 was not China. It was not even close. For example, in September 2009, the United States hosted 75.76 percent of all reported phishing sites. China came in third place with 3.44 percent. It is likely that of the US-based servers used, many were used by foreign attackers looking to cover their tracks.
Similarly, it seems like a odd coincidence that oil data theft and so many other intellectual property hacking incidents are only being traced to Chinese servers when the Chinese Government – if culpable – could have easily used US-based servers to cover their tracks. In other words, let’s not be so quick to blame the Chinese Government for attacks that could very easily have been done by other sophisticated hackers or simply Chinese citizens working on their own initiative.