I recently put a Linux server online and it didn\'t take long until I had the fi
ID: 659850 • Letter: I
Question
I recently put a Linux server online and it didn't take long until I had the first attempts to brute-force the SSH login. It's not that I am worried about that - I trust the security of my server. But just out of boredom I looked up some of the originating IP addresses and noticed that almost all of them were Chinese.
Why is it that so many cracking attempts originate from China?
Does China provide an environment which is favorable for cybercrime to bloom? Or are we actually dealing with people from other countries who just like to use botnet zombies from China? In any case: The Chinese government is known for its ability to censor the internet access for their people. Why don't they use that infrastructure to shut down the criminal activity originating from their network?
Explanation / Answer
First, China has lots of people. It has more than 4 times as many inhabitants than USA. Then lots of them are young and well educated and smart enough to do hacking. And while I'm sure that China has tough laws against hacking of chinese infrastructure, it might even profit from hacking outside infrastructure. This way of thinking is not specifically chinese, just remember privateers or recent hacks against brazil by anonymous with the help of the FBI.