Nation's cyberspace 'vulnerability' exposed by attack

China's massive Internet infrastructure is extremely vulnerable to overseas cyberattacks, experts warned on Thursday after a server malfunction redirected a large number of requests to wrong pages for days.

The country has seen an increasing number of attacks targeting key Internet infrastructure, government bodies and influential industrial organizations, according to a report.

This was released on Thursday by the National Computer Network Emergency Response Technical Team Coordination Center, a nongovernmental agency that monitors China's Internet safety.

"Although protection methods have improved generally, the risk level for basic Internet infrastructure remains high," the report said.

Last year, the center detected more than 1,500 major security flaws from telecom carriers, triple the amount found a year previously.

Four days before the agency issued its warning, Internet users on the Chinese mainland were finding it difficult to access a large number of websites that allow visitors to log in using Facebook accounts.

Page view requests to these sites were hijacked and redirected to two addresses - wpkg.org, the home page of an open source software, and ptraveler.com, a travel blog.

The incident affected a long list of sites, including cnn.com, yahoo.com.jp and the site of Emirates airline.

A senior staff member overseeing Internet operations at the coordination center said: "It was a rather strange case because the hackers were directly targeting the telecom carriers' servers. It has rarely happened before.

"China Telecom was the biggest victim because it is the largest Internet service provider. ... It is impossible to estimate the damage at the moment."

Access to the sites affected had been restored by Thursday afternoon.

In a statement, the center said the redirection was caused because some of the servers in China were "contaminated" by malware from overseas servers.

Experts said it will be difficult to trace the source of the attack because it is technically possible to carry it out by remotely controlling the servers.

No group or individual has claimed responsibility for the attack.

Shen Yi, a researcher at Fudan University, said China has been on the receiving end of foreign online hacking.

"The country lags far behind the West in building an anti-hacking system. When the worst happens, we cannot find an effective way to defend Internet safety."

Shen added that China is focusing on improving cybersafety levels, but the vulnerabilities have been easy to find.

gaoyuan@chinadaily.com.cn