Or maybe con-fused? Note the brief paragraph about the "Lion" worm, which issues denial of service tools...looks like UPI ended up with a defacement, too. Web graffitti, ugly but apparently it doesn't do any real damage.
http://www.countrywatch.com/files/037/cw_wire.asp?vCOUNTRY=037&UID=486230
'Chinese' hacking threat fizzles out
By MICHAEL KIRKLAND
WASHINGTON, May 8 (UPI) -- After days of online chest-thumping, Chinese hackers -- or those pretending to be -- failed to launch a promised cyber-attack on U.S. government targets, a security analyst in the private sector said Tuesday.
Significantly, after a week of silence, official Chinese organizations on the mainland have finally begun to criticize the hacking as illegal, he said, and may have frightened the hackers.
Mike Assante, vice president of intelligence for Vigilinx, added that one official Chinese press source even described last week's Web site defacements as "terrorism."
"We believe this may have caused the threat (promised by online hackers for Tuesday) to defuse," Assante said by telephone from his New Jersey office.
Also on Tuesday, an administration security official at the White House continued to dissociate the Chinese government from the hacker activity, and the FBI's National Infrastructure Protection Center said it had nothing new to report.
Pro-Chinese and anti-United States Web site defacements appeared to have peaked last week. UPI.com was among the sites defaced, but was quickly restored. Assante said Tuesday that Chinese hackers monitored by Vigilinx claimed on an online "scoreboard" to have defaced 1,030 sites.
However, the tenor of the hacking activity and the online threats changed radically over the weekend.
Instead of Web site defacements, which are more annoying than destructive, purported Chinese hackers monitored by U.S. officials and the private sector seemed to be turning to preparations for distributed denial of service, or DDOS, attacks.
The official White House Web site repulsed such an attack late last week, and Assante said DDOS probing of the White House site continued through the weekend.
NIPC itself issued two advisories over the weekend warning of DDOS activity on the Internet, saying it "has received reliable information indicating ongoing attempts to disrupt Web access to several sites," and added that the attempts were associated with denial of service attacks.
DDOS tools are available on the Internet "in the wild," where even a relatively unsophisticated hacker can find and download them.
In preparing for a DDOS attack, an illegal hacker uses the tool to plant "packets," or "daemons," into innocent third-party computer systems, turning them into unwitting "zombies." On the order of the illegal hacker controller, great numbers of zombies launch their attacks against a single target, all without the knowledge of the zombies' operators.
The attacks are in the form of a message from a zombie asking a target system for information. The message comes with a "spoofed," or fictitious, return address, and is unanswerable. When the site becomes totally committed to answering thousands of unanswerable messages, it breaks down.
NIPC also re-issued an advisory on a new Internet worm, "Lion," which "is infecting computers and installing distributed denial of service tools on various computer systems," the advisory said. After describing how the worm burrows itself into a system, the NIPC advisory added, "This initial activity appears to be the precursor to a larger DDOS attack."
NIPC and a cooperative of system and network administrators and security professionals -- the System Administration, Networking, and Security Institute, known as SANS -- said the worm appeared to be sending hacked passwords to an e-mail address in China.
On Monday, Assante and Vigilinx said there were indications that Chinese hacking appeared to be building to a climax on Tuesday morning, but said the next day that threats appeared to dissipate in the face of broad official disapproval.
Copyright © 2001 UPI. All Rights Reserved.
