The day to day, uncontrollable flow of proscribed information into China's borders is
acknowledged and largely understood to be an inevitable side effect of the
information revolution. Video CDs, faxes, and forbidden, pirated paperbacks bring
far more undesirable, unapproved information into China than the still elite Internet.
Authorities decided more than a year ago that attempting to block all undesirable
information on the Internet would be futile and a waste of resources. Industry officials
have noted that router-level blocking and censoring is an increasingly hopeless task;
the government lacks the manpower and the funds to mount a successful blocking
effort. Since that time, the Public Security Bureau has moved away from active
blocking of information and more toward passive monitoring. Individuals that are
"caught in the act" committing a "cyber crime" are then very publicly prosecuted, with the unspoken goal of getting Chinese citizens to censor their own behavior and avoid a potentially heavy
This new, unwritten government policy has dramatically changed the life of Lin Hai, owner of a Shanghai software company. Lin Hai was arrested last April on charges of "subverting the state" because he sold more than 30,000 e-mail addresses of Chinese citizens to dissident publication DacanKao. According to Chinese authorities, Lin Hai's actions constituted "inciting to overthrow the government" an offense that is potentially punishable by death. Critics argued that Lin Hai collected, purchased, and sold Chinese e-mail addresses as part of his day to day online job search business and that the selling of this information was not a politically subversive act. The trial, originally announced for the middle of November, was delayed for several weeks and then rushed through in early December. As of today, the government has yet to issue a verdict or sentence.
In the events following the announcement of Lin Hai's apprehension, China's cyber-security advisors have been exposed to a far more problematic and fundamental challenge to state security than the simple influx of information: cyber warfare and haktivism.
Cracker War On China
On October 26th, the Chinese government proudly announced the official opening of the official China Human Rights web site. Within a day of the government's announcement, Bronc Buster, from the cracker group Legions of the Underground, hacked his way into the site, leaving this message in place of the original site contents:
Chinas [sic] people have no rights at all, never mind Human RIghts. I really can't believe our government deals with them. They censor, murder, torture, maim, and do everything we take for granite [sic] left the earth with the middle ages. The Chinese communist government, is made out a gang of 100+ year old thugs and bullies who hide in seclusion. This pitiful effort of trying to changethe hearts and minds of of the world is a joke!
The hacked site was, surprisingly, left online for nearly 36 hours and then replaced without comment from the China Human Rights site or any other official state spokesperson.
Following late November announcements of Lin Hai's pending trial, Bronc Buster and his associate from the LoU, Zyklon, decided to attack the so called "Great Firewall of China" by hacking firewall server software used to block certain web sites from Chinese Internet users. Bronc Buster claimed he and Zyklon, working independently, had penetrated and disabled 5 firewall servers responsible for shielding the domestic Internet network from banned international sites.
This time there was a public response from the Chinese government. In a December 1st article in Wired News, Yun Shuning, spokesperson for the Chinese Embassy in Washington condemned the individuals responsible. "This is the second attack attack on a Chinese web site from the United States in recent months. If these criminals have broken US law, the we shall pursue and punish them."
Then on Christmas Eve, Hao Jinglong and his brother Hao Jingwen were sentenced to death in Jiangsu province for allegedly breaking into a computer terminal in the Industrial and Commercial Bank of China, and using it to withdraw 260,000 renminbi (US$ 31,000) from eight different bank branches. When the two were arrested last October, they were put on display as the first cyber bank robbers in China. The severity of the punishment highlights government fears of widespread vulnerabilities within the banking system. According to some government estimates, there are more than $64 billion worth of assets exposed on the Internet.
News of the sentencing began wide circulation on the net on December 28th. The same day, crackers identifying themselves as members of the Legions of the Underground declared "cyber war" on both China and Iraq, calling for "the complete destruction of all computer systems" in the two countries. The group, who issued their declaration during an IRC "conference" hours after news of the sentencing, cited the Hao brother's death sentences and overall human rights abuses as motivating factors.
This declaration has drawn an avalanche of criticism from established, hacker associations and publications. On January 7th, a joint statement condemning the declaration was issued by hacker groups 2600, Chaos Computer Club, the Cult of the Dead Cow (cDc), !Hispahack, L0pht Heavy Industries, Phrack and Pulhas:
"... we strongly oppose any attempt to use the power of hacking to threaten or destroy the information infrastructure of any country, for any reason. Declaring "war" against anyone, any group of people, or any nation is a most deplorable act. This only reduces the hacker to the level of the group or country that they are attacking. This has nothing to do with hacktivism or the hacker ethics and is nothing a hacker can be proud of. "
Although the LoU has publicly disavowed the previous declaration of war, the cracker offensive on China appears to be continuing. This past Sunday, a cracker group identifying itself as NIS (Network Intrusion Specialists) hacked the China Human Rights site for a second time. On the following day, it hacked the web site for China's Ministry of Radio Film and Television:
WH4T TH3 ##### 1S H4PP3N1NG T0 TH1S W0RLD N0W? K1LL1NG P30PL3 DU3 T0 H4CK1NG
1NT0 A B4NK? 4FT3R SN1FF1NG TH1S 5TUP1D 4SS C0UNTRY, W3 F0UND 0UT TH4T TH3Y
4R3 M4N4G3 BY A L1N3 0F 0LD B4STARD5 D01NG WH4TS G00D F0R TH3MS3LV3S 4ND N0T
TH3 P30PL3. TH3Y TH1NK TH3Y H4V3 SK1LLZ BUT N0 W3 F0UND 0UT TH4T TH3Y D0 N0T
KN0W J4CK #### B0UT C0MPUT3RS L3T 4L0N3 HUM4N R1GHTS.
TH1S 1S SUPP0SE T0 B3 TH3 C0UNTRYS N3TW0RK F0R T3L3V1S10N, R4D1O 4ND F1LMS 4ND
L0OK 4T H0W E4SY W3 G0T 1NT0 TH3 SYST3M.
Hidden in the document's HTML code comments was a message to the site's operators:
We wish that they will broadcast this live thru all the television
networks in CHINA just to let the citizens know we have their back
Glamorous? No! We r00l that is why you stupid f###nuts get it into
your head. You think you can catch us?.....Try referring to the
book "WHAT IS A UNIX SYSTEM". You might find your answer there.
How the various hacking groups who have infiltrated Chinese government web servers are affecting China Internet policy is difficult to determine at this time. These foreign attacks, or acts of cyber war, against China have mostly been directed at static web pages with little domestic popular appeal. The Human Rights site in English is for foreign consumption. The Ministry of Film Radio and Television's site was not heavily trafficked. Even those Chinese who did venture into the site at this time probably could not decipher enough of the cracker's radical font choices and phrasing style to understand what was being said. Bronc Buster's claim that LoU altered Chinese firewall software in late November is more alarming, but government security specialists have largely given into the fact that they cannot block the flow of data and that to continue the pursuit of this line of control would drain the states financial and human resources. But if the crackers begin to attack critical state institutions, like the banking system or the military, one can be certain the governments reaction will be far more intense.
The ongoing cracker war on China net infrastructure is introducing an unpredictable new variable into the equation of international diplomacy and politics. How China might choose to retaliate against the cracker attacks is difficult to imagine but it highlights bizarre changes in the very fabric of its social space that are challenging traditional concepts of the nation state, borders, and national security.