Chinese hackers declare war on U.S. Web sites

A Chinese hacker community has declared war on U.S. government and business Web sites, according to a message posted on the hackers' home page. Chinese and American hackers initiated a game of one-upsmanship last month, daring each other to attack sites in one another's countries. The attacks have caught some federal agency Web sites in the middle of a trans-Pacific turf war. "We have a responsibility to respond to the American hacker challenge with our greatest offensive," a post on the Chinese hackers' Web site reads. "We must tell them Chinese people are not easily trampled on." The group calls itself Honker Union ( Honker Union's threats prompted the interagency National Infrastructure Protection Center to warn U.S. network administrators of the increased likelihood of cyber attacks between April 30 and May 7. Honker Union has claimed responsibility for tampering with several sites of the Interior Department's National Business Center. The center's Web servers were hit between 3:00 a.m. and 7:00 a.m. Tuesday, said Charles Nethaway, director of special services and Web development at the center. Hackers were able to access information on various sites and redirect visitors to other pages, Nethaway reported. "[The attack] was more disruptive than …just about anything that we have seen in the National Business Center," Nethaway said, noting that the agency took down six of its servers Tuesday morning to search for viruses or worms that may have been introduced into the system. Honker Union's home page is hosted by HiChina, a Beijing-based Web service. Speaking through a translator, a HiChina representative said the company was aware of Honker Union's attacks on federal Web pages, but that the group's actions did not constitute a contractual violation, and therefore would prompt no response from the company. A National Infrastructure Protection Center spokeswoman declined to comment on HiChina's statement. Honker Union has also claimed responsibility for attacks against the U.S. Geological Survey, NASA, Cornell University and more than 100 other U.S. government and business sites since April 30. The infrastructure protection center listed May 1, International Worker's Day in the People's Republic of China, as a possible date for increased hacker activity. Moreover, May 7 is the second anniversary of the accidental U.S. bombing of the Chinese embassy in Belgrade, Yugoslavia, and the center urged network administrators to take precautions against more attacks. Web pages of the departments of Health and Human Services and Labor were vandalized by hackers Saturday, according to two agency spokespersons. Bill Hall of HHS said the agency's page was defaced and that a picture of Chinese fighter pilot Wang Wei, who was killed in a collision with an American spy plane April 1, was posted on the site. Hall said there is now "a heightened level of alert…for any hacks" against federal agencies. The attacks have raised concerns about the security of agency Web pages. "We were extra-vigilant to do a review process of our security," Nethaway said of his Web team after receiving the the infrastructure protection center's warning. Nethaway wasn't aware of Honker Union's claims to have attacked the National Business Center's site, but he said that whoever breached the servers was "quite clever or persistent." The attack was the first-ever on the center's Web servers. Honker Union's Web site directs interested hackers to contact "Lion," a hacker believed to be responsible for spreading the Lion Worm, which captures passwords off operating systems and transmits them to an e-mail address in China. Nethaway said he didn't know if the Lion Worm had infected any of the business center's servers. Hackers frequently attack sites that have well-publicized vulnerabilities, according to one network operations engineer for a Washington, D.C. based Internet service provider. "Most hackers that hack Web sites are using well-publicized scripts and holes," the engineer said. "Most hack attempts I've seen of Web sites are usually exploits of well-known or at least semi-known holes in operating systems." Honker Union's Web site indicated that attacks will continue and invited other hackers to join in an online chat to "prepare our grandest attack." A spokesman at the Chinese Embassy in Washington said he was unaware of recent attacks on federal Web sites by Chinese hackers.
Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.