OK, so I am not here to point fingers, because both governments pretty much do the same thing, duh… I will also add that Chinese attacks on US networks have increased in the past few months since the conflicts in Ukraine. Over this Memorial weekend I have been monitoring many server nodes across different data centers and have definitely had an increase in brute-force and scan attacks.
Today I have noticed a 400% increase in additional log records related to these attacks. Coincidence? I think not. How else do you explain an increase in attacks a day before a major US holiday? Chinese PLA will obviously deny anything, but if you analyze the data it definitely looks like a coordinated attack on US networks. Chinese intelligence assumes that no IT personnel will be working over the weekend, so they amp their attacks. Let me say something to Chinese Intel… YES, WE WORK ON HOLIDAYS TOO!… lol
P.S. I have logs to prove that too… xD
Here is a list of their most popular attack networks…
inetnum: 61.174.51.192 – 61.174.51.255
netname: HANGZHOU-SRT-TECHNOLOGY-CO-LTD
country: CN
————————————————————————–
inetnum: 42.62.0.0 – 42.62.127.255
netname: Forest-Eternal
descr: Forest Eternal Communication Tech. co.ltd
descr: Rm.902,North Real Estate Building, Build. No.3,
descr: #81Yuan,Haidian District,Beijing
country: CN
————————————————————————–
inetnum: 116.8.0.0 – 116.11.255.255
netname: CHINANET-GX
descr: CHINANET Guangxi province network
descr: Data Communication Division
descr: China Telecom
country: CN
————————————————————————–
inetnum: 61.191.0.0 – 61.191.255.255
netname: CHINANET-AH
descr: CHINANET Anhui province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
————————————————————————–
inetnum: 117.79.80.0 – 117.79.95.255
netname: SANXIN
descr: Beijing Sanxin Shidai Co.Ltd
descr: 1513 Xinjishu building Beijing link west road
descr: Haidian District, Beijing, PRC
country: CN
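
An added example (not the author's code or logs) of checking a claim like this against your own data: it converts the inetnum ranges listed above into CIDR blocks and counts failed SSH logins per netname. The log lines are constructed samples in OpenSSH auth-log format, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# inetnum ranges copied from the whois records listed above
WHOIS_RANGES = {
    "HANGZHOU-SRT-TECHNOLOGY-CO-LTD": ("61.174.51.192", "61.174.51.255"),
    "Forest-Eternal": ("42.62.0.0", "42.62.127.255"),
    "CHINANET-GX": ("116.8.0.0", "116.11.255.255"),
    "CHINANET-AH": ("61.191.0.0", "61.191.255.255"),
    "SANXIN": ("117.79.80.0", "117.79.95.255"),
}

# Constructed sample lines in OpenSSH auth-log format (not the author's logs)
SAMPLE_LOG = """\
May 25 03:12:01 node1 sshd[2211]: Failed password for root from 61.174.51.210 port 4312 ssh2
May 25 03:12:03 node1 sshd[2211]: Failed password for root from 61.174.51.210 port 4313 ssh2
May 25 03:14:40 node2 sshd[900]: Failed password for invalid user admin from 116.10.191.5 port 51022 ssh2
May 25 03:15:02 node2 sshd[901]: Accepted publickey for deploy from 198.51.100.7 port 40022 ssh2
May 25 03:16:19 node3 sshd[77]: Failed password for invalid user test from 203.0.113.9 port 2222 ssh2
May 25 03:17:45 node3 sshd[78]: Failed password for root from 42.62.17.3 port 6000 ssh2
"""

FAILED = re.compile(r"Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) ")

def to_cidrs(ranges):
    """Turn each inetnum start/end pair into the CIDR blocks that cover it."""
    return {name: list(ipaddress.summarize_address_range(
                ipaddress.ip_address(first), ipaddress.ip_address(last)))
            for name, (first, last) in ranges.items()}

def tally_failures(log_text, cidrs):
    """Count failed SSH logins per netname; sources outside the list go to 'other'."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        try:
            src = ipaddress.ip_address(m.group(1))
        except ValueError:  # e.g. 999.1.1.1 matches the regex but is not an address
            continue
        owner = next((name for name, nets in cidrs.items()
                      if any(src in net for net in nets)), "other")
        counts[owner] += 1
    return counts

if __name__ == "__main__":
    print(dict(tally_failures(SAMPLE_LOG, to_cidrs(WHOIS_RANGES))))
```

Comparing these per-network counts for the holiday window against the same window in earlier weeks shows whether a jump comes from the listed networks or from the "other" bucket.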