Jack Voth, Algenol’s information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China
Hacking attacks come from many countries, he says, but most are efforts to steal credit-card information. Chinese hackers, by contrast, tend to target trade secrets and unique technology.
Algenol executives did not know that Aliyun was the cloud computing part of Alibaba, and they never tried to make contact.
Alibaba said that two former Algenol employees had signed up for an Alibaba marketing e-mail. Once they left Algenol and the marketing e-mails bounced back, Alibaba said that its own security system checked on the accounts and that Algenol mistook those inquiries as attacks.
Voth, however, is not convinced. He disputed Alibaba’s explanation about the marketing e-mails to employees who left Algenol four years ago, and said that to mistake an Alibaba security response for an attack would mean that there was a flaw with the widely used firewall language called Snort, which is updated constantly.
He said that since Jan. 1, each of 539 IP addresses has attacked Algenol computers 5,000 times or more.
The largest numbers of hacking probes came from the United States, China, Taiwan and Russia, he added. The single IP address that has attacked Algenol the most is a German address; the top Chinese IP address attacking Algenol ranked 10th.
Voth said the fight to protect Algenol’s computer system would be a long one. “A rule of thumb is that you have security by obscurity,” Voth said. “We’d rather have a low profile. But clearly the bad guys have our addresses.”