Chinese hackers declare war on U.S. Web sites

A Chinese hacker community has declared war on U.S. government and business Web sites, according to a message posted on the hackers' home page. Chinese and American hackers initiated a game of one-upsmanship last month, daring each other to attack sites in one another's countries. The attacks have caught some federal agency Web sites in the middle of a trans-Pacific turf war. "We have a responsibility to respond to the American hacker challenge with our greatest offensive," a post on the Chinese hackers' Web site reads. "We must tell them Chinese people are not easily trampled on." The group calls itself Honker Union ( Honker Union's threats prompted the interagency National Infrastructure Protection Center to warn U.S. network administrators of the increased likelihood of cyber attacks between April 30 and May 7. Honker Union has claimed responsibility for tampering with several sites of the Interior Department's National Business Center. The center's Web servers were hit between 3:00 a.m. and 7:00 a.m. Tuesday, said Charles Nethaway, director of special services and Web development at the center. Hackers were able to access information on various sites and redirect visitors to other pages, Nethaway reported. "[The attack] was more disruptive than …just about anything that we have seen in the National Business Center," Nethaway said, noting that the agency took down six of its servers Tuesday morning to search for viruses or worms that may have been introduced into the system. Honker Union's home page is hosted by HiChina, a Beijing-based Web service. Speaking through a translator, a HiChina representative said the company was aware of Honker Union's attacks on federal Web pages, but that the group's actions did not constitute a contractual violation, and therefore would prompt no response from the company. A National Infrastructure Protection Center spokeswoman declined to comment on HiChina's statement. Honker Union has also claimed responsibility for attacks against the U.S. Geological Survey, NASA, Cornell University and more than 100 other U.S. government and business sites since April 30. The infrastructure protection center listed May 1, International Worker's Day in the People's Republic of China, as a possible date for increased hacker activity. Moreover, May 7 is the second anniversary of the accidental U.S. bombing of the Chinese embassy in Belgrade, Yugoslavia, and the center urged network administrators to take precautions against more attacks. Web pages of the departments of Health and Human Services and Labor were vandalized by hackers Saturday, according to two agency spokespersons. Bill Hall of HHS said the agency's page was defaced and that a picture of Chinese fighter pilot Wang Wei, who was killed in a collision with an American spy plane April 1, was posted on the site. Hall said there is now "a heightened level of alert…for any hacks" against federal agencies. The attacks have raised concerns about the security of agency Web pages. "We were extra-vigilant to do a review process of our security," Nethaway said of his Web team after receiving the the infrastructure protection center's warning. Nethaway wasn't aware of Honker Union's claims to have attacked the National Business Center's site, but he said that whoever breached the servers was "quite clever or persistent." The attack was the first-ever on the center's Web servers. Honker Union's Web site directs interested hackers to contact "Lion," a hacker believed to be responsible for spreading the Lion Worm, which captures passwords off operating systems and transmits them to an e-mail address in China. Nethaway said he didn't know if the Lion Worm had infected any of the business center's servers. Hackers frequently attack sites that have well-publicized vulnerabilities, according to one network operations engineer for a Washington, D.C. based Internet service provider. "Most hackers that hack Web sites are using well-publicized scripts and holes," the engineer said. "Most hack attempts I've seen of Web sites are usually exploits of well-known or at least semi-known holes in operating systems." Honker Union's Web site indicated that attacks will continue and invited other hackers to join in an online chat to "prepare our grandest attack." A spokesman at the Chinese Embassy in Washington said he was unaware of recent attacks on federal Web sites by Chinese hackers.
Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.