Hakin9 magazine exposed by security researchers

Speaking as someone who has recently received multiple requests from hakin9 to contribute articles to their magazine, I found this article on The Register very entertaining.

I received a request from hakin9 (at the time I hadn't heard of their website or magazine) asking for an article on achieving the CISSP certification. I was interested and replied asking for more detail on what they were looking for. They responded but I was busy and never wrote anything for them.
Then a week or so later I received another request asking me to contribute an article about SNORT but it seemed to me that whoever had written the request didn't really understand what SNORT was - which I thought was odd and forgot all about it, until someone sent me the article above. Enjoy!

Hooking the big one?

A sensitive computer network belonging to the US government has been compromised in a targeted spear-phishing attack - as reported by Bill Gertz on the Washington Free Beacon's web site.

Additional write up on CNET News.

Both stories say that China was behind the attack, but this brings to my mind the problem of attack attribution in this kind of situation. The only evidence the articles cite is that the attackers "used servers located in China". How easy is it to rent hosting space in a Chinese data center and attack the US, in order to make it look like the Chinese are behind it? I'm not sure. Wouldn't Chinese state-sponsored hackers use a third party country to avoid attracting attention? Or maybe that's what they want us to think?