http://www.washingtonpost.com/wp-dyn/content/article/2010/02/14/AR2010021403817.html?wpisrc=nl_tech
China leads the world in hacked computers, McAfee study says
By Ellen Nakashima
Washington Post Staff Writer
Monday, February 15, 2010
More private computers were commandeered by hackers for malicious purposes in
China in the last quarter of 2009 than in any other country, including the
United States, according to a new study by an Internet security company.
These "zombie" computers are often grouped into "botnets," or armies of
infected computers that can be used to send spam e-mail or attack Web sites,
according to McAfee, a Silicon Valley security firm. The company, which said it
collects information about Internet-based threats that target more than 100
million computers in 120 countries, said that in the last three months of 2009,
about 1,095,000 computers in China and 1,057,000 in the United States were
infected.
Those numbers are in addition to 10 million or so previously infected computers
in each country, McAfee said.
The prevalence of botnets is a sign of how vulnerable computer networks are to
infiltration, a subject of increasing international debate as companies and
governments seek to defend their computer systems from intruders.
Last month, Google announced that its networks had been penetrated by attacks
originating in China. The Chinese government denied any involvement, saying
that hacking in is against the law. There was no indication that the attack
involved botnets, experts said.
In a Jan. 21 speech about Internet freedom, Secretary of State Hillary Rodham
Clinton advanced the notion of cyberspace as a "global networked commons" and
urged the creation of "norms of behavior" among states. Echoing a key principle
behind NATO, she said: "An attack on one nation's networks can be an attack on
all."
She declared that "countries or individuals that engage in cyberattacks should
face consequences and international condemnation."
Some experts have said that Clinton's call for accountability and norms is
complicated by the fact that the United States has so many infected computers.
"The government could crack down on botnets, but doing so would raise the cost
of software or Internet access and would be controversial," Jack Goldsmith, a
professor at Harvard Law School, wrote in a recent opinion piece in The
Washington Post. "So it has not acted, and the number of dangerous botnet
attacks from America grows."
Indeed, Stewart A. Baker, a cyber expert and former assistant secretary for
policy at the Department of Homeland Security, said he would like to see a few
leading nations develop "effective national norms aimed at eliminating zombie
computers." Companies could be encouraged or required to comply, he said.
One Internet service provider has begun a voluntary service to notify customers
when their computers have been infected by bots, viruses and other online
threats. Philadelphia-based Comcast, which has 15 million non-commercial
customers, began the program last fall. Such initiatives, some experts said,
could start to clear out the "noise" in the networks and could help in
identifying higher-order threats that could compromise critical computer
systems.
One reason computers in China are so vulnerable to botnets may be that software
piracy is common and computer users often have not updated the patches on their
machines, said George Kurtz, McAfee's worldwide chief technology officer.
In fact, the number of zombie computers in a country says more about the
vulnerability of the computers than about who infected them, Baker said. A
nation that might want to use botnets as part of an attack probably would want
to have its own computers bot-free and commandeer computers in other countries,
he said.
China has steadfastly denied that it supports or engages in hacking and that it
penetrates U.S. firms' computers to steal technology and trade secrets to help
state companies -- whether by bots or any other tool.
Such "remarks are groundless," Peng Bo, an official with the Internet bureau
under the Information Office, said in remarks to the New China News Agency. "In
fact, China is the country worst hit by worldwide hackers."
Experts say that the United States, which is highly networked and dependent on
the Internet for commerce and the running of industry, is the most vulnerable
of all countries to cyberattack.
At the same time, the United States is considered the most worrisome potential
aggressor, according to McAfee, which in a separate recent survey of 600
technology and security executives of firms around the world found that 36
percent feared the United States and 33 percent feared China as potentially
attacking their industries. Russia ran a distant third, at 12 percent.
The result "might simply be a reflection of the raw capabilities and frankly
the raw size of U.S. intelligence agencies," retired Gen. Michael V. Hayden,
former director of the CIA and of the National Security Agency, said in the
report, which was produced in conjunction with the Center for Strategic and
International Studies. The United States also has been engaged in a protracted
debate about how to organize its attack and defense capabilities, which may
have created an "echo chamber" for concerns about such abilities, the report
noted.
That report, issued last month, also found that 59 percent of the executives
surveyed said they believed that representatives of foreign governments had
already been involved in denial-of-service attacks (the disabling of a Web site
by bombarding it with requests for access) and network intrusions to control or
steal data from "critical infrastructure" industries in their countries.
[Non-text portions of this message have been removed]
