The number of Chinese computers infected with malware from overseas nearly double last year, according to the country’s computer emergeny response team (CERT).
Foreign-born malware had infected 9 million Chinese computers in 2011, CNCERT claimed in a report yesterday, up from 5 million in 2010. Most of these infected computers were being remotely accessed by computers with IP addresses allocated to the US, it said.
When counting all kinds of cyber attack, including website defacement and denial of service attacks, Japan was the most common foreign source, CNCERT said, followed by the US and South Korea.
Interesting Links
Unlike most country’s CERTs, which are indendent, academic organisations, China’s CERT is a division of the Ministry of Industry and Information Technology.
CNCERT’s report follows a paper published by US defense contractor Northrop Gruman which claimed that China’s People’s Liberation Army has accumulated what it describes as a "modern command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) infrastructure".
"The rapid development of a comprehensive C4ISR infrastructure, linking platforms, personnel, and operations, is arguably the most transformative of all PLA efforts currently underway," the report concludes. "Computer network operations have become fundamental to the PLA’s strategic campaign goals for seizing information dominance early and using it to enable and support other PLA operations throughout a conflict."
The report acknowledged, however, that determinign the provenance of cyber attacks was an inexact science. "Ballistic missiles, airstrikes and troop landings have attribution ‘fingerprints’ like none other, whereas [computer network operations] actions often have none."
According to official figures, there are over 500 million Internet users in China.