“No website is 100% safe,” says Chen Xiao, member of a
team of hackers that operate from a bare apartment just off the coast of
Shanghai.
“There are websites with high-level security, but there is
always a weakness,” adds Chen.
Pensive about his actual identity, Chen and his two
colleagues belong to what some are calling a Chinese “civilian cyber militia,”
attacking government and private websites around the world for fun and, occasionally, profit.
In a secret
meeting with CNN correspondent John Vause, Chen showed the reporter around
his apartment and demonstrated how Chan and his group do their business. The
meeting was set up after weeks of “on-again, off-again e-mail exchanges.” When
Chen finally agreed, “CNN was told to meet them on the island of Zhoushan, just
south of Shanghai and a major port for China’s navy.”
Chen also runs an online community that sports more than
10,000 registered users, providing hacking articles, tools, news, and flash tutorials.
He claims the website has been in operation for more than three years.
“There is a saying,” says Chen, “’Know about both yourself
and the enemy, and you will be invincible.'”
Many now look to China as the biggest source of the world’s
cybercrime, with a December 2007 report from McAffee calling the internet a
front for “the
next Cold War” as a new black market emerges for hacking tools and information.
When the Chinese military was suspected
to be hacking into Pentagon computers around June of last year, Beijing
called the accusations “groundless” and accused U.S. officials of having a “Cold
War mentality.”
Chen claims that he and his associates have hacked into some
of the most prolific and secretive web sites in the world, including internal
sites for the Pentagon. While he could not provide proof to back
up these claims, he did admit that his associates were paid after-the-fact by
the Chinese government for information gleaned from the Pentagon attack.
“I am telling you honestly, the Chinese government does not
do such a thing,” said Chinese official Gang Qin, responding to Chen’s
allegations.
James Mulvenon, who works for the Center for Intelligence
Research and Analysis, called Chen and his ilk “useful idiots for the Beijing
regime,” noting that they are tolerated provided they “do not conduct attacks
inside of China.”
Government entities aren't the only
targets of hackers these days. 2007 was a banner year for cyber
hackers with regards to personal information. According to the
Identity Theft Resource Center (ITRC) and Attrition.org non-profit
groups, there were over
79 million reports of compromised personal data records for 2007
according to the ITRC -- this compares to roughly 20 million reports
during all of 2006.
