The rampant hacking against government websites is aimed at making illegal profits, and an "industry chain" already exists, Xinhua reported.

The hackers can make money by putting illegal links on the government websites.

Fan Dongdong of Urumqi, Xinjiang Uygur autonomous region, and Wen Chao of Jiangyou, Sichuan province, both 20, also hacked the websites of the Quality and Technical Supervision in Changsha city, Quality Supervision in Qinghai province, e-Governance of Fushun city, Archives of Gaoming District in Foshan city, and Standing Committee of National People's Congress in Chuxiong Prefecture in Yunnan, from March to May 2010. They modified the website source code and planted links to boost the search engine ranking for some websites.

Fan and Wen, who never studied computer programming, learned that they could make money by putting links on the infected government websites through online chats. Then they learned basic programming skills from video courses and bought passwords to log into the hacked government websites through A5 and other forums.

"We didn't know how to get the passwords and the link codes, so we bought them. One password costs 10 yuan ($1.50) and one link code costs 4 to 7 yuan," Fan said. Fan used the passwords to log in to the websites and add links for customers.

Wen Chao was accused of posting online threads to lure potential "customers" with marked prices ranging from 4 yuan (50 cents) to 7 yuan ($1) for each illegal link. For his part, Fan put key words such as "Legend Service," "Car Trading," or "Study in the US" in the links that were secretly added to the website codes on those sites. The customers could trace their links by logging on to www.linkhelper.cn . The accused made a profit of 6,000 yuan ($892) in three months.

A simple profit-making route involves buying access to the hacked websites and hacking software, advertising for "customers," adding in links in the government websites and maintaining them, and charging online or via remittance.

Two steps are involved in hacking into government websites:

First, decipher and control the website, or commonly known as "conquering the website." Second, enter by a backdoor or "houmen" program to crack into the website and make profits.

Four steps to "conquer the website"

First, be familiar with the website and collect information. Preview the Web pages, including the content and design. Search for the domain names on the Internet and its registration details.

Second, search for any security loopholes and decode. Hackers usually use their tools to find possible safety loopholes and decode them to acquire the user name and password of website administrators.

Third, detect the portal and break into the website. Hackers will search for administrator access portals after decoding.

Fourth, install "backdoor" program to control the website. After logging onto the administration system, hackers can install Trojan programs in order to upload, download, modify or delete files.

The second step:

Hackers make profits by using hacking skills. Hackers tout the hacked websites, or "sell the loopholes," estimated at 10 yuan each.

With access to the server, the hackers can log onto the administration system to launch attacks in three ways:

First, planting Trojan viruses and selling page views. The attack targets are usually websites with large page views but also security holes. Through planting viruses on the government websites, hackers can get the saved-in-computer information about bank accounts, game accounts and passwords, QQ instant messaging numbers, videos, and pictures via remote control. The hacked computers then become zombie computers.

The hackers usually charge on the base of the Web page traffic produced by Trojan software. They can even use the large amount of zombie computers to build a "botnet" to carry on network attacks, and finally lead to a meltdown of the website.

Second, implanting malicious links to enhance page views. Hackers often implant links for game or shopping websites into some government-related websites. When people visit the government websites, the hyperlinked websites will open simultaneously. For the high ranking of government websites in the search engine, the hyperlinked websites can also get a boost in page views.

Third, modifying, adding and deleting information on government websites. Hackers get illegal profits from people who have specific needs through modifying the content of government websites.

Why do hackers favor government websites?

Among the many websites, why are government websites always the hackers’ target? Experts, such as Zhu Quan, of the Computer Application Institute of China Nuclear Industry, said there were three main reasons.

First, government websites usually enjoy high ranks on search engines and have a large number of page views, so hackers can get more zombie computers and offer more hits to the Web pages of their customers.

Second, some government websites are less advanced in security protection, vulnerable to cyber attacks and can be cracked easily. Hacking against the government websites is mainly to use the platform rather than stealing information, so some website administrators pay less attention to the security threat, with some website servers having no firewall installed.

Third, because some government websites offer services to check exam results and qualification certificate number verification, they become the targets of some people who want to modify, add or delete private information for illegal objectives by hiring hackers at a high price.

For instance, in 2008, the website of the Department of Health in Jiangxi province was attacked and a false Certificate of Licensed Practicing Physician was added; in 2009, a network engineer cracked into the website of Traffic Police Corps Vehicle Administration System of Hubei province to make license plates for smuggled vehicles.

Generally speaking, the security level of these government sites is relatively high, but the potential profits also encourage hackers to break the law.

*Source: China Daily