Cyberdefense a big concern in China after NSA reports

Everyday Web users worry over vulnerabilities

BEIJING — When it comes to cyberattacks, China is often seen in the West as a fierce aggressor — the ultimate hacking threat to American government and businesses.

In China, however, Internet users are increasingly preoccupied with their own vulnerability. Cybersecurity, in many ways, is a more widespread problem here than in the United States, according to industry experts.

Holes in China’s systems are more numerous, and its public less protected. Worry about those vulnerabilities has surged after disclosures by National Security Agency contractor Edward Snowden about US operations to hack into Chinese Internet traffic hubs and cellphone companies.


The latest revelations, in documents provided to the Washington Post, showed that China was among the top targets of cyber-operations carried out by US intelligence services in 2011.

Get Today's Headlines in your inbox:
The day's top stories delivered every morning.
Thank you for signing up! Sign up for more newsletters here

But the threat to Chinese computers comes not simply from foreign agents, technology experts say. Increasingly, officials and business leaders are also worrying about the widespread damage caused by China’s own hackers.

Now, officials in China’s government and the cybersecurity sector are pushing for a national strategy to protect information in the country’s computer systems. Demand for Chinese-made tech security products is up, industry analysts say. And many Chinese are calling for a ban on US hardware in sensitive sectors of government and industry.

‘‘For those in the industry, we really need to thank Snowden,’’ joked Tony Yuan, founder of Netentsec, a Beijing company selling firewall hardware and Internet filter tools.

Government and company officials who once saw information-technology security as an unnecessary cost, he said, have suddenly become interested in upgrades. ‘‘Now, you just mention Snowden as an example, and they easily understand the need for something like next-generation firewalls.’’


Many industry analysts believe China reserves its best defensive cybersecurity technology for elite echelons of the military and the ruling Communist Party. But for most people in China, computer security is poor, and the damage caused by everyday hacking is immense.

The threat is the result of China’s huge pool of hacking talent, a culture of corruption, and a lack of enforcement.

‘‘In the US, if you’re local and you hack someone else, you’re going to jail because law enforcement has built up the tools and awareness for that,’’ said Richard Bejtlich, chief security officer at Alexandria, Va.-based firm Mandiant, which specializes in cyber-forensics. ‘‘In China, you get the sense there’s a lot of activity but not much institutional ability to deal with it.’’

One government-commissioned survey estimated 60 percent of China’s Internet users have lost personal data online. Another study last year estimated the economic cost of hacking in China at $852 million.

In the past two years, Chinese criminals have stolen several databases with millions of log-ons and passwords in a series of raids on China’s largest Web portals and retailers. Companies in China have been known to use hackers to spy on their competition, immobilize their websites, and sabotage payment systems, Chinese security experts say.


Scams have even allegedly been perpetrated by China’s cybersecurity industry itself.

‘You get the sense there’s a lot of activity but not much institutional ability to deal with it.’ — Richard Bejtlich, chief security officer at Mandiant

One of China’s larger antivirus firms, Rising, was accused in recent years of creating and spreading computer viruses, then bribing a Beijing security official to issue alerts for online users to download Rising’s antivirus software to combat them. (The Beijing official received a suspended death sentence for bribery, but the company continued to deny wrongdoing.)

‘‘There’s significant control in some areas, but in others it’s just the wild, wild West,’’ said Tom Creedon, a longtime cybersecurity expert specializing in East Asia.

One reason computers in China are so vulnerable is the widespread use of pirated software, including in government ministries and state-owned companies.

While licensed software such as Windows and Microsoft Office receive frequent security updates to patch exploitable holes, pirated versions don’t. Some hackers have been known to seed the Internet with free copies of software to which they have added unique vulnerabilities, so they can later sell such backdoor access to other people, experts here say.