Crackpot Chronicles

Another one hits the dust:

Police arrest Chinese hacker in Tokyo

Big News Network via China National News via UPI
Reported on Wednesday 6th July, 2005

Police have arrested a Chinese university student in Tokyo, accusing him of hacking into companies' computer systems to obtain information on their customers.

Yu Hua, 27, a student at a private university and resident of Tokyo, is accused of violating the anti-hacking law, the Mainichi Shimbun http://mdn.mainichi-msn.co.jp/ reported Wednesday.

He had placed an advertisement on an Internet bulletin board offering the customer information for sale. Yu admitted to the allegations during questioning, telling investigators he needed money for his tuition fees.

In the specific case for which he was arrested, police said Yu used his home computer to hack into the computer system of the Club Tourism travel agent between March 15 and 17, obtaining about 160,000 pieces of personal information on its customers, including their passwords and names.

Investigators are questioning him over allegations that he also hacked into the computer systems of 13 other companies and obtained approximately 360,000 pieces of personal information on their customers.

The police suspect that Yu used Chinese software that allows users to look for security loopholes in computer systems.

I wonder what his major is/was? Not computer science, I hope. Nice to know the Chinese have software to assist hackers, isn't it?

Hacking and identity theft is rampant and this also helps explain the avalanche of worms and trojans and virii that have plagued our computers since we've come to China. My Zonealarm personal firewall lit up like a Christmas tree the first time I went online three years ago when we first arrived in China and my virus software worked overtime stomping worms that embedded themselves in in the registry and kept replicating themselves. These critters use ports opened by legitimate internet communication and file transport and are especially fond of piggybacking on P2P file sharing networks. Sometimes these cybervermin use your computer to redirect communications anonymously, slowing your system down, sometimes they look for information that can be used for identity theft or in this case, customer information that can be exploited or sold.

About a month ago, I experienced a catastrophic computer crash on a fairly new computer running XP. I'd upgraded from Win98 and thought I was safe with the built-in firewall so I didn't add a personal firewall. That was a bit of ignorance that cost me a lot of time and stress. It took over a week to find a tech and a translator here in Beijing that could help. Most Chinese computer techs just come in and tell you they have to wipe the disk and reinstall Windows, which destroys all your files. It's easy to do, gets the job done and they really don't care much about your files anyway.

Incompetent Chinese techs can be more dangerous than cyberattacks. Two and a half years ago when we were in Xiamen, two techs came over to install the ADSL internet service and had problems making it work on one of our computers. After a few hours, they asked for the Windows disc and I assumed they were going to install a driver, but I asked anyway, through Hank, our student friend who came to translate. They intended to reinstall Windows (which would have wiped the hard disk)! Without even asking! I refused in no uncertain terms (to put it mildly) and after another couple of hours of unsuccessful tinkering, they left. The next day someone who knew what they were doing showed up and installed the ADSL connection in ten minutes.

Flash forward to recent past when my computer was down and out, reason undetermined at the time. I'd recently bought a 10-pak of CDs to do backups, but my CD writer was malfunctioning intermittently and I couldn't get it done. Nor could I use the system repair CD that came with my new computer. I wondered if the problem that crashed my computer originated from the balky CD drive. I would find out that that CD drive problem had a much simpler cause, one both I and the tech overlooked. The tech, a really sweet man and sympathetic to my urgency to recover my personal files, spent two days overseeing the problem and dealing with my panic. He sold me a portable hard disk, and we installed Windows on that. This required going to an outside shop, which let us use their equipment, since my CD drive wasn't working. They charged us 200 RMB for the bench time and use of their equipment. Once Windows was installed on the outboard hard disk, we used it to access the hard drive on the computer that was down. There were all my files. I spent all night transferring them from the computer to the portable hard drive and the tech came back in the morning to install XP on the computer. That was successful and I transferred all my personal files back and began the slow process of rebuilding the software environment. As I did, my virus software reported a worm, which it eliminated. Curious, I looked into the "exclusion" list in the virus software and what I found astonished me: the worm had installed itself as an exclusion, meaning it set the virus software to ignore its location. It was only when it began to generate some activity on the computer that the virus software found it. You have to be a real detective to keep up with this stuff. Password protecting the Options function of the virus software, the module in which exclusions are specified, at least made that back door more difficult to hack. I was then fairly certain that a virus had taken my computer down, which is what the tech suspected.

There are heroes here too. The tech, who'd put in 2 days time, refused to let me pay him, but accepted an invitation to lunch.

I put a new Zonealarm personal firewall on this computer and have at least 40 alerts of attempts to find an entry point into my computer a day. I feel a little more protected now and I've backed my files up on CDs--oh, yes, it's working now. I got a CD/DVD cleaning disk and that solved that problem--a bit embarrassing to admit that it didn't occur to me before. It certainly would have saved a lot of trouble.

I'm now up and running again somewhat the worse for wear and wiser--hopefully wiser enough.