Internet abuse stems from school in China

March 4, 2010, 1:04 a.m.

When Jaehyun Park ’12 glanced up at the scoreboard after the first two hours at the ACM International Collegiate Programming Contest (ACM-ICPC) World Finals in Harbin, China last month, he was elated. Scrambling to solve rigorous computer science problems involving “theoretical and mathematical thinking,” Park and two other Stanford students saw that they were in first place.

Stanford’s lead didn’t last for long, however.

By the end of the competition — one of the most prestigious in the field of computer science — the team had slipped to 14th place. Shanghai Jiaotong University eventually claimed the top spot, completing all 11 problems with a “very fast and precise” pace that Park called “just amazing.”

Other than that, Park knew little about the victors.

“I knew that they won the competition twice during last 10 years, but nothing more than that,” he said.

Less than three weeks after the contest, Jiaotong University was back in the headlines for its computer prowess, but instead of being lauded, the school found itself in the center of a global hacking investigation. Computer science experts and National Security Agency investigators looking to find the source of a hacking scheme — dubbed “Operation Aurora” — which targeted large companies such as Google, Adobe and Yahoo! this year, suggested that the Shanghai school had been a home base for the coordinated online attack.

In the attack, unidentified hackers stole private data and accessed information in personal e-mail accounts, one of which belonged to Stanford student Tenzin Seldon ’12. Google later threatened to pull operations out of China, but has since acquiesced and is currently in talks with the Chinese government regarding continued operations in the country.

Investigators allege that, based on evidence, Jiaotong and Lanxiang Vocational School in China’s Shandong Province were involved with Operation Aurora.

For a university of Jiaotong’s stature, such allegations are especially troubling and could have an immediate effect on the school’s reputation. Duncan Clark, a visiting scholar with the Freeman Spogli Institute (FSI) and an expert on Chinese Internet policies, said that Jiaotong, which has 33,000 students, is considered by some the Chinese equivalent of an American Ivy League university.

Yet Clark was hesitant to completely blame the university or the Chinese government for the hacking scheme.

“Nobody knows what’s going on and some people in the government don’t even know what the heck is going on,” he said. “There’s a lot of bandwidth and computing power, but it’s not necessarily well-administered [in China].”

Calling the investigation into Operation Aurora an “evolving situation,” Clark, however, did not rule out the possibility of government involvement or the idea that the Chinese administration knew about the attack and simply “turned a blind eye.” He also suggested that highly organized students might have performed the attacks for the sake of “sport.”

“In the West we tend to perceive China as a highly disciplined, top-down society,” Clark said of organized hackers working independently of the government. “But we realized that it’s quite the opposite and rules are often broken.”

He went on to detail how, in another possible scenario, hackers outside the country might have employed false signs to try to frame the universities for the attacks.

The Chinese schools involved have already denied allegations, with The New York Times reporting that a Jiaotong spokesperson was “shocked and indignant” about the accusations. An anonymous professor from Jiaotong’s School of Information Security Engineering was quoted in the same story saying, “I’m not surprised. Actually, students hacking into foreign Web sites is quite normal.”

The Chinese government is no stranger to obtaining private information from corporations. In a highly publicized case in 2005, Chinese journalist Shi Tao was jailed after it was revealed that he had a sent a government document through his personal Yahoo! e-mail account.

For Clark, despite all the possibilities, the nature of the cyber attack “points to a political element,” which might suggest a growing hard-line approach to administration policies. The scholar said that with current economic concerns and worries of outside influence on development, uncompromising factions at the top level of the Chinese communist party have been gaining strength.

With changes in positions occurring in the party in 2012, Clark said, this new faction may be taking a no-nonsense approach to dealing with outside corporations, possibly exemplified by the cyber attack. He went on to call the current faction running the government “xenophobic” and “paranoid.”

Yet in a country fast approaching 400 million Internet users, China’s move toward heavy Web regulation and monitoring may not be a straightforward trend. Clark stated that there were many factions in the government that may be able to shift the direction of the government, a sentiment echoed by FSI scholar and sociology Prof. Xueguang Zhou.

“China is undergoing drastic transformation in a very short period of time,” Zhou wrote in an e-mail to The Daily. “In this process, the Chinese government is not monolithic; rather, the government is fragmented and faces diverse forces pushing and pulling in different directions. It is useful to understand the Chinese government, its policies and behaviors, in light of these dynamics.”

Login or create an account

Apply to The Daily’s High School Winter Program

Applications Due Soon