Security News > 2000 > September > Top Chinese Sites Suffer Security Flaws
http://asia.internet.com/2000/9/1807-COL.html [September 15, 2000 -- BEIJING] A number of well-known Chinese hackers announced at an Internet security symposium held in Beijing recently that they are going legit as "Internet security professionals" to clean up the "hacker" name. They also announced that they have found security loopholes in the top 10 Chinese Web sites, as ranked by the China Internet Network Information Center. Speakers at the Yesky.com-sponsored symposium revealed that the biggest hacker organization, Isbase.com, has split up into two Internet security companies, the Shanghai Internet Security Base and the Beijing Zhonglian Internet Security Base, according to the Sept. 5 Beijing Wanbao (Beijing Evening News). The symposium revealed that the domestic Internet security industry is changing. First, the skill level of Chinese hackers has risen significantly. For example, Chinese hackers have found flaws with Microsoft software and forced Microsoft to devise patches. Second, a large number of professional Internet security companies have been springing up in China. In the first half of this year, 12 listed companies invested in the Internet security industry in a single month. The Internet security market is expected to grow to 100 billion renminbi (US$12.1 billion) next year. Third, the public has begun to distinguish between hackers and those who maliciously attack Internet sites. That top Chinese Web sites have security flaws comes as a surprise, the article said. Regarding the recent high-profile "HiSense firewall" incident, HiSense Group invited hackers to try to alter the servers Web page or obtain designated documents protected by the firewall and then announced that the firewall had successfully endured over 2.21 million attacks. Most hackers believed it was merely a commercial promotion. Discussing news reports on "hacker attacks," they said that the Web sites are trying to put the blame on hackers instead of accepting responsibility for providing basic security protection. Symposium participants called on the public not to confuse hackers with real criminals, the article noted. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".