Hong Kong Connection Probed in Cyber Attacks

china-mandiant-graph-feb-2013.jpg Mandiant found that 141 organizations had been hacked by an alleged Chinese government-backed cyber-espionage group.

Hong Kong police are investigating the use of an IP address belonging to the Hong Kong University of Science and Technology after college authorities reported suspicious activities on their servers linked to recent reports of hacker attacks on U.S. companies originating in China.

The IP address was the only one traced to Hong Kong by security firm Mandiant in its recent report, which alleged that hackers based in China had infiltrated a large number of U.S. corporate computer systems in recent years.

Mandiant traced a total of 613 IP addresses involved in transnational cyber-attacks to a building it said belonged to the People's Liberation Army's cyber-division in Shanghai.

The remaining IP address belonged to the University.

"The university has opposed any hijacking activities and is very concerned that its network has been attacked and used by hackers," the university said in a brief statement in response to the report.

"A report has been lodged with the police while [an internal] investigation has been launched. We are serious about network safety."

A police spokesman told Hong Kong media that officers at the force's Cyber Security Center had already met with university officials to discuss the claims.

Professor Frederick Lochovsky, a computing and engineering professor at the university, said in an email that thousands of students and staff had access to the university network, which was accessible via smartphone and other portable devices like netbooks and laptops.

He said each device was assigned different IP addresses randomly, while user accounts were password protected.

Grave concern

Hong Kong legislator Charles Mok, who represents the technology sector in the territory's Legislative Council, said it would be a matter of grave concern if people had used a Hong Kong university to launch international cyber-attacks.

"If this is the case ... it would be very serious indeed," Mok said. "But we have to work out whether this is the work of an individual student."

"There are thousands of students and thousands of staff working at the university, so we have to get it straight first what we are actually dealing with," he said.

The University runs a number of high-tech and business courses, and attracts large numbers of students from mainland China.

China's defense ministry this week rejected claims that the military was behind the hacker attacks, saying Mandiant's report lacked technical proof, and that IP addresses could easily be usurped.

However, Mandiant's report said it was "highly unlikely" the Chinese government was unaware of the hacking attacks, and was possibly supporting the cyber-espionage.

Chinese officials have denied repeated allegations of government involvement in cyber-attacks, saying that China has also been the target of attacks from IP addresses originating in the U.S.

Reported by Hai Nan for RFA's Cantonese service. Translated and written in English by Luisetta Mudie.


Add your comment by filling out the form below in plain text. Comments are approved by a moderator and can be edited in accordance with RFAs Terms of Use. Comments will not appear in real time. RFA is not responsible for the content of the postings. Please, be respectful of others' point of view and stick to the facts.