Chinese domain name service provider and registrar DNSPod has reported hacking activities that affected its services and caused network outages in various provinces this week to its local public security organ under the requirement of China's Ministry of Industry and Information Technology.
Starting from 21:50 on May 19, 2009, Internet users in Jiangsu, Anhui, Guangxi, Henan, Gansu, and Zhejiang, reported that they suffered slow Internet speeds or were unable to visit some websites. The Internet in these provinces has currently recovered. According to China Telecom, the network failure was led by the domain name system failure of Baofeng.com, the website of the Chinese music player provider, and the failure further caused the surge of DNS server visits and the decrease of processing performance of the network.
Baofeng.com said that the company itself is also a victim and the origin of this network breakdown is because the servers of DNSPod were attacked by a malicious virus. Baofeng.com said it will backup the domain name servers and the work is expected to be completed within three days.
In addition, the Communications Security Bureau of MIIT has organized a meeting, attending by the National Computer Network Emergency Response Technical Team of the Coordination Center of China, China Academy of Telecommunication Research, China Telecom, and Baofeng.com. At the meeting, the MIIT pointed out that this incident has exposed that the DNS service has become a weakness of current network security in China. The ministry asked the relevant agencies to enhance their protections of DNS services, eliminate hidden dangers, and prevent such cases in the future.
According to local media reports, the responsible person for this serious fault will bear legal liabilities. The attacks reportedly caused breakdown of six DNS servers of DNSPod and they are still looking for the culprit.