Four employees of a Shanghai-based Internet security solution provider were arrested on July 24. They were suspected of attacking the servers of Ourgame(www.ourgame.com)in order to sell their firewall products to the online game portal.
The attack was launched in May as Ourgame debuted a new game. Soon after the attack, the Shanghai-based company contacted Ourgame, claiming their firewall product, priced at nearly 1 million yuan, would "effectively block such attacks." The Internet assault lasted for nearly one month, resulting in a loss of several million yuan for the game portal, before the police uncovered the suspects.
"We had expected the number of gamers concurrently online to reach no less than 10,000 in one month after the launch, but due to the attack, the result was only a few thousand," said a staff member surnamed Huang, who works in the marketing department of Ourgame.
A rising tide of hacker attacks, including online privacy infringements, virtual property theft and online bank account information theft, has given rise to security concerns and weakened users' confidence in the Internet in the past couple of years.
According to a report this year by iResearch on China's personal Internet security, a major threat to Internet security today is the risk of transaction platform account password theft by Trojan Horse viruses.
"Different from old-fashioned hackers who took great pleasure in showing off how tech savvy they were, malicious code writers today are profit-oriented," said Huang Chengqing, Secretary General of the Internet Society of China, at a high-profile seminar on China's legislative efforts to combat malicious codes on August 28. "They have turned identity theft and confidential information theft and sale into a lucrative ‘black' business."
According to the National Computer Emergency Response Technical Team/ Coordination Center of China (CNCERT/ CC), the black industry chain of online crimes currently has an annual worth of over 238 million yuan while resulting in a loss of over 7.6 billion yuan.
Online crimes today pose a severe threat to the Internet where more and more users have gotten used to and even rely on a variety of applications, such as stock trading services and online shopping portals.
According to iResearch, 80 percent of China's 40 million online bank subscribers transact or trade stocks online. The aggregate volume of transactions online in the third-person payment market in the first quarter this year surpassed 16 billion yuan, representing a four-fold year-on-year increase.
Anti-virus software and firewalls are unable to deal with the number and sophistication of new viruses. "There are many weaknesses in the functions of China's Internet security system such as crisis prediction, response, prevention and recovery," said Liu Deliang, head of the Internet law research center at Beijing University of Post and Telecommunications. "Besides, the mind-boggling applications produced by hackers call for swift and effective legislation on online privacy protection, database protection, digital signature certification services and other visionary efforts."
In the spotlight
Network intrusion and attack (including the Trojan Horse attack), and Internet worms are the two major targets of complaints from Internet users in China, according to the 20th survey report on Internet development in China from the China Internet Network Information Center, released on July 18.
A now notorious virtual property theft last September in Guangzhou was a vivid example of hacker intrusion. Three hackers intruded into the system of Chinagames (www.chinagames.net), stole the account information of around 700 gamers and made a profit of 1.4 million yuan by transferring 2.2 billion gold coins in the accounts into their own accounts and selling them to other gamers. The Futian District People's Court in Shenzhen sent three hackers involved in the theft to jail for one to two years for "committing the crime of destroying computer information systems," on August 15.
Another incident that made the spotlight recently was that of a Chinese woman, naked photos of whom, kept in the encrypted online album of a foreign man, were stolen and widely posted on China's BBS network. Curiosity pushed some Internet users to dig out her education and employment information as well as that of the album owner. Facing a flood of reprints and comments, the unwitting victim had to call websites one by one, in an attempt to minimize the devastating effect on her life and career.
The Industry and Commerce Bank of China attempted to tackle the hacker problem in its online banking services on August 21, after 300 victims of bank account takeovers, who were users of the bank's services, had filed a lawsuit against its hesitation in addressing the problem. The victims had fallen prey to identity theft in the previous three years, with the money stolen from their accounts exceeding 2 million yuan. Denied help from the bank, the victims teamed up to fight their cause and established the website www.ak.cn.
An announcement on the bank's web- site said that in the view of their experts a majority of the takeovers were the result of users' ignorance in keeping their account passwords safe. The bank denied any vulnerability in its online banking system.
The bank adjusted its online transaction rules for individuals recently. Since September 1, users with only a password to log in are allowed a daily transaction amount of 300 yuan (the previous amount number was 5,000 yuan before). The bank also plans to promote other security measures including a USB Shield, a kind of digital signature tool that stores customer IDs and creates a digital signature for electronic