Sunday, April 20, 2008

Pro-China Hackers Call Off Planned Attack On CNN: They Want Apology For Covering The News

By Robert McMillan

April 19, 2008
IDG News Service

A planned cyberattack against CNN's Web site fizzled out Saturday as the group backing the event called it off.

"Our original plan for 19 April has been canceled because too many people are aware of it and the situation is chaotic," wrote a group called "Revenge of the Flame," according to a translation posted on the Dark Visitor Blog. "At an unspecified date in the near future, we will launch the attack."

Pro-China hackers had called for the attack in protest of the news network's coverage of Tibet, which they believe has been overly critical of China. Participants had been instructed to flood CNN's Web site with Internet traffic in hopes of knocking it offline, something known as a distributed denial of service (DDOS) attack.

Some had begun hitting the site ahead of the April 19 attack date.

On Friday CNN reported that it had been attacked Thursday causing the site "to be slow or unavailable to some users in limited areas of Asia." The net effect of the attack was "imperceptible," CNN said.

Network monitoring company Arbor Networks observed that was hit with a minor 14-MB-per-second attack that lasted about 21 minutes, according to Danny McPherson, the company's chief research officer.

Copyright © 2008 IDG News Service. All rights reserved. IDG News Service is a trademark of International Data Group, Inc.

CNN Faces Cyberattack Over Tibet Coverage

By Thomas Claburn

Scott J. Henderson, who runs The Dark Visitor, a blog that follows Chinese hackers, warns on his site that Chinese hackers have posted calls for people willing to participate in a DDoS attack on CNN to punish the network for its coverage of the Chinese crackdown in Tibet. He has listed the URLs for seven sites seeking hackers willing to participate in the attack.

According to Henderson's translation of a post on a Guilin University of Electronic Technology bulletin board, the attack is support to start in earnest at 8 p.m. on April 19 in Beijing, which would be 8 a.m. Saturday in New York.

In an e-mail, Henderson explained that attacks on CNN are being driven by recent reporting that depicts China in an unfavorable light and to coincide with protests in Europe that are planned for April 19. "Some of the Chinese hackers want to relive the glory days of the Sino-U.S. cyberconflict," he said.

With CNN prepared for such an event and growing publicity, it's far from clear that a serious attack will materialize. Some rumored cyberattacks, such as the Nov. 11, 2007, al Qaeda attack that was supposed to affect Western, Jewish, Israeli, Muslim apostate, and Shiite Web sites, never occur.

In fact, as this story was being filed, Henderson called to say that the organizer of this attack now wants to call it off because of the publicity surrounding it. He said it's not clear whether the call to stand down will be observed.

China on Thursday called for a "sincere apology" from CNN for remarks made by network commentator Jack Cafferty, who earlier this month called Chinese leaders "goons and thugs," a move likely to amplify CNN's disrepute among Chinese nationalists.

Henderson said he couldn't predict whether the attack would actually take place or be effective. "However, the Chinese hackers do have quite a bit of experience at this and if they can get the numbers together I imagine they could be highly effective," he said. "Do they have the numbers? Oh, yes, without including botnets they have on hand, the Red Hacker Alliance is made up of well over 300,000 members."

Hacking attacks in support of Chinese nationalism have risen in conjunction with unrest in Tibet. McAfee last week reported that some visitors to pro-Tibet Web sites have had their computers infected with the Fribet Trojan, which allows the attacker to alter files, install additional malware, or monitor input. About a month ago, F-Secure said that pro-Tibet-themed e-mail messages were sent out containing links leading to sites that launched malware attacks. Also in March, Sophos documented infected images related to Tibet.

That same month, the FBI began looking into reports from the Save Darfur Coalition, which has been critical of China, that its e-mail accounts had been compromised by hackers.

No comments: