Modernizing Authentication — What It Takes to Transform Secure Access
Police in China have arrested a gang of hackers accused of involvement in attacks on 185 government Web sites.
"The group made their money by selling fake qualifications certifying the recipient in fields such as medicine, financial services and architecture, with over 30,000 people suspected of having bought the dodgy certificates," writes The Register's Phil Muncaster. "The gang’s USP, and the reason it could charge up to 10,000 yuan ... per certificate, was that it could hack the relevant government site and tamper with the back-end database to ensure that the fake cert’s name and registration number appeared legitimate."
"As of July 12, police had arrested 165 people, confiscated more than 7,100 fake certificates and at least 10,000 fake seals, and are still hunting for more members of the gang," write China Daily's Xu Jingxi and Zhang Yan. "The fake certificates were sold at between 4,000 and 10,000 yuan ($626 and $1,565), police said. The profits generated surpassed 300 million yuan."
"China Daily reported the crackdown began when the city's office of personnel and examinations reported an attack on its site on Dec. 8, 2011, after finding a link had been illegally added," writes ZDNet's Jamie Yap. "This led police to seven suspects who sold fake certificates in Nanjing, Jiangsu province and Heyuan in Guangdong, and subsequently the discovery of a network of hackers, certificate forgers, advertisers, and personal data collectors scattered across at least 12 provinces in China."