China worries hackers will strike during Beijing Olympics

While CNN recently faced distributed denial-of-service attacks  from Chinese hackers angry about the television network's coverage of a recent Chinese crackdown in Tibet, Chinese security officials remain worried hackers will strike while the Olympic Games are being held in Beijing.

"Based on historical experience, many hackers seeking to make a name for themselves view the Olympic Games as a challenge and a target, and the Beijing Olympics may face attacks from individual hackers, groups, organizations, as well as other countries and those with all kinds of political motivations, therefore the network security situation is very grim," China's National Computer Network Emergency Response Technical Team (CNCERT) said in a report released earlier this month.

A high-profile attack on Chinese computer systems during the Beijing Olympics would be a serious blow to organizers and the government, which has worked hard to position the Games as a celebration of the economic and social strides made by China since embarking on reforms 30 years ago.

"It's very important for the government to make this successful," said Jim Fitzsimmons, a security consultant in Shanghai. "They are taking this issue very, very seriously."

The urgency of tighter network security for the Olympic Games was highlighted at a recent conference in the southern city of Shenzhen, jointly organized by CNCERT, the Internet Association of China, and China's Working Committee on Information Security, where Xi Guohua, a vice minister at the Ministry of Information Industry, called on participants to spare no effort to boost network security in China ahead of the Games.

Among moves the Chinese government has taken to tighten network security during the Olympics, it created a special response team in Beijing that will monitor systems for signs of attacks and then respond if one is detected. The response team's job won't be easy. The prevalence of malware in China means maintaining network security during the Olympics will be a significant challenge.

Fifty-eight percent of bot-controlled computers  -- systems that can be controlled remotely to launch denial-of-service attacks or send spam -- are based in China, according to CNCERT's 2007 estimates, which place the total number of bot-controlled computers in China at 3.6 million, out of an estimated total of 6.2 million.

In addition, computers infected with trojan software, which can give a hacker back-door access to a computer, are also a growing problem. Last year, random checks by CNCERT identified 995,000 Chinese computers that had trojan software installed, compared to 44,717 computers identified in 2006 -- an increase of 2,125 percent.

"China's IT space is really one of the most malware-ridden in the world," Fitzsimmons said, attributing the problem to widespread use of pirated software and a lack of attention to security management, such as applying software patches that fix vulnerabilities.

"In terms of platforms that people could attack in China, or subvert to attack something else, there's quite a bit out there," he said.