Press Releases

Browse our press release archive

05 Sep 2007

Fingers pointed at Chinese military after hacking reports

All organizations need to be properly defended, says Sophos

Chinese hackers are reported to have attacked Western government computer networks.

Sophos, a world leader in IT security and control, has reminded businesses of the importance of properly securing their computer systems following news stories that have claimed Chinese hackers have targeted government networks in the United States, UK and Germany.

The Financial Times has reported that the Chinese military are being blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary Robert Gates. Unnamed sources are said to have told the newspaper that the People's Liberation Army (PLA) were blamed in an internal investigation for perpetrating the attempted hack. Media reports in The Guardian claim that the British and German governments have also been subject to similar probes by hackers working for the PLA.

The Chinese foreign ministry has vigorously denied the claims, and said it works hard to fight cybercrime. US President George W Bush has said that he may bring up the issue with the Chinese authorities, explaining that America's relationship with the country was "complex".

Experts at SophosLabs™ warn that all businesses and organisations, not just governments, need to defend themselves from the threat of cybercrime.

"There simply isn't enough information for us to be able to provide an opinion on whether these attacks were sponsored by the Chinese military or not, but these reports do underline the importance for everyone to make computer security a priority," said Graham Cluley, senior technology consultant for Sophos. "Internet hackers can hide their tracks, hopping from computer to computer, and leapfrogging around the world, making it very hard sometimes to determine precisely who is behind an attack. There is no doubt, however, of the importance of securing critical computers inside government from hackers whether motivated by politics, espionage or money."

Sophos does believe China to have an important part to play in the global fight against cybercrime. Research reveals that country presently accounts for 44.8% of the world's malware-infected webpages.

Top malware-hosting countries

CountryPercentage of reports
1 1 China (inc. HK)
2 2 United States
3 3 Russia
4 4 Ukraine
5 8= Poland
6 5 Germany
7 Re-entry Netherlands
8 Re-entry Italy
9= 8= Canada
9= 7 United Kingdom
Others 7.8%

"Although a worrying number of Chinese-based webpages are being found containing malicious code designed to infect web surfers worldwide, it does not necessarily mean that the criminals behind these attacks are based in the country," continued Cluley. "Cybercrime is a truly global problem and all businesses must ensure they are properly protected."

Research conducted by Sophos* reveals that 45% of people polled believe that China is likely to be responsible for the attacks, with 36% saying it was impossible to say, and 19% believing it could be someone else posing as the Chinese.

Two years ago Sophos reported how it had assisted the UK government in analysing a series of Trojans designed to steal confidential and sensitive information. Nearly 300 UK government departments and businesses critical to the country's infrastructure were the subject of Trojan horse attacks, many reportedly originating in the Far East.

Sophos notes that US government systems have been hit before by hackers based closer to home. For instance, last year Sophos reported how 21-year-old hacker Jeanson James Ancheta attacked PCs at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense. Ancheta was driven to hack the computers by the lure of money, however, rather than to steal secrets or disrupt infrastructure.

Last month, Sophos published its Security Threat Report July 2007, examining the latest trends in spam, malware and hacking. Included in the report are details of how Chinese computers are used to host much of the world's malware, and details of some of the more notable arrests made by the cybercrime-fighting authorities since the beginning of the year.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

* Source: Sophos online poll, September 2007.

Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at