North America Procurement Council Procurement News
Chinese Cyber-Attacks Against NAPC Relentless
March 24, 2016
In recent days cyber-attacks against NAPC servers from China have reached new levels.
When China's ruler Xi Jinping visited Washington in September last year he promised Obama that he would put a stop to his government's cyber-attacks against the U.S.. There were high hopes of a respite, yet the attacks actually increased, despite mass media reports that attacks had slowed. Xi Jinping had simply lied to America's face.
Like many North American companies, the North America Procurement Council is subjected to sustained attempts by China to penetrate its servers and the occasional mass denial-of-service attack. Our security software and firewalls repell most attacks but an attack early this morning brought the server down for some time and disrupted our operations. Fortunately, the hacker did not actual penetrate our server and merely disrupted access.
The IP address used in the attack was 220.127.116.11, which resolves to state owned China Telecom, CHINANET Guangdong province network. 18.104.22.168 is a notorious IP address that has long been used to attack American computers. The Chinese government knows very well who the attackers are and is either paying them to do the hacking or is allowing it as a form of warfare against the U.S.. and this includes the NAPC.
The NAPC reported the attack to China Telecom but expects no response.
When the NAPC web sites were first brought online they came under intense attack from China and hackers in India so we simply blocked all IPs from both countries. After deploying new security software we eased the total ban on users in India and China and managed to repell attacks while allowing legitimate users. The latest round of attacks may require us to impose complete bans on China again. However, we have found that when we ban an entire country they hackers in that country just try to gain access through other countries. Most of the sustained data-scraping attempts on our servers actually come from European IPs.
China hacks computers around the world primarily to steal information and technology. The second purpose is to distrupt the economic activity of other countries in a subtle way that won't result in military reprisals yet still cause massive collective economic damage.
The U.S. has threatened to impose sanctions against Chinese military leaders responsible for cyber-attacks but has failed to actually impose any sanctions.
The United States government is also guilty of hacking other countries and does it primarily for information and technology. Unlike China, the U.S. government doesn't typically try to disrupt the commercial operations of companies in other countries, unless they pose some kind of threat to the U.S. government or its favored corporations.
Copyright: North America Procurement Council, Inc. PBC