Iran-China cyberwar breaks out as Iranians hack into Chinese search engine

Published 14 January 2010

Iranian hackers broke into the Web site of Baidu, the Chinese search engine, displaying the Iranian flag and calling themselves the Iranian Cyber Army; in retaliation, Chinese hackers flooded Iranian Web sites with warnings about intervention in China’s internal affairs

An unlikely cyberwar broke out Monday when Iranian hackers attacked China’s leading search engine and Chinese counterparts retaliated against Iranian Web sites. In the morning, people accessing the Web page of Baidu, China’s largest Internet search engine, found it was covered with a picture of the Iranian flag and other symbols and the words “Iranian Cyber Army.”

FT’s Kathrin Hille and Najmeh Bozormehr write that not long after, a rallying cry for retaliation emerged in Chinese online discussion groups, blogs, and bulletin boards. In the afternoon, participants and cybersecurity experts started reporting that Chinese flags and nationalist slogans had appeared on Web sites registered in Iran.

On another Web site registered in Iran, Chinese hackers displayed a message saying: “Please tell your so-called Iranian Cyber Army: Don’t intrusion chinese website about The United States authorities to intervene the internal affairs of Iran’s response. This is a warning!” [sic.]

It remains unclear why Baidu’s Web site was hacked. A group calling itself Iranian Cyber Army had hacked into Twitter last month after the microblogging service had served as an important communication tool for Iranian prodemocracy forces.

Hille and Bozormehr write that China and Iran, both governed by authoritarian regimes, enjoy relatively friendly and stable ties bolstered by China’s strong demand for Iranian oil. Bilateral relations have grown more complicated, however, since the Iranian election last year. The Chinese government censored reports of prodemocracy protests in state media and on the Web.

Late last month, following the latest crackdown of the Iranian government, Chinese Web users created “CN4Iran,” a Twitter topic where Chinese users commented on the situation in Iran in Chinese, expressed support for the opposition and discussed it in the context of China’s own authoritarian regime.

Chinese hackers have been very active for years in certain countries. U.S. defense experts say organized groups frequently hack into military-relevant networks in America and pose a security threat. Chinese hackers also have a record of online fights with counterparts from Taiwan, the self-ruled island China claims, and attacking Web sites in Japan.

On one Iranian site, hackers proclaimed themselves yesterday as “Honker Union for China.” That group identifies itself on its Web site as an alliance of Internet security professionals with links to other hacker groups.

Yesterday, the Honker Union Web site claimed to have organized retaliatory hacking of Iranian sites, and displayed a screenshot of the Web site of Iranian State Television with the slogan: “We are China’s hacker! Let the world hear the voice of China! The state is higher than the dignity of all!”

The targets in Iran appeared to be picked randomly. One of the hacked sites was an educational Web site run by Seyyed Morteza Mousavian. Mousavian said his Web site intended to teach undergraduate students about networking and the Internet.

Another of the targets was the Web site of the faculty of the Islamic Republic of Iran Broadcasting, the state television and radio. A third one was the page of an education quarterly.

While the intrusion of Baidu was short lived, the backlash grew yesterday afternoon. On a Baidu bulletin board, some internet users called upon fellow “netizens” to join them in hitting back. “We have organized an Anti-Iran Special Action Group,” said one posting. It linked to a group on QQ, China’s most popular instant messaging service.