Posts Tagged ‘Internet security’

Antivirus firm warns of cyberattacks on home appliances

May 18, 2017


© AFP/File | Internet security became a hot topic when a ransomware attack hit more than 300,000 computers worldwide, affecting the likes of Britain’s National Health Service, US package delivery giant FedEx and Germany’s Deutsche Bahn rail network


Avast, the company behind the leading antivirus software, warned Thursday against attacks on home appliances connected to the internet, calling hackers targeting home routers a major threat to consumers.

“It’s a trivial thing to do and there’s nothing the user can do to fix it, other than to throw the router away and put in a new router,” Avast chief executive Vincent Steckler told reporters.

Avast chief technology officer Ondrej Vlcek said that more and more people were using internet-enabled appliances which he described as “a total nightmare when it comes to security”.

Vulnerable appliances include TV sets, audio systems, coffee machines and toys, according to the Prague-based company, which every month registers 444 million users and prevents 3.5 billion malware attacks and 500 million visits to harmful websites.

In February, London police arrested a Briton suspected of staging a cyberattack on household routers run by Deutsche Telekom in November 2016, which knocked an estimated million German households offline.

Steckler said his company had hacked into a router at a recent show in the United States to demonstrate the harm such attacks can do.

Avast changed the router’s firmware, took control of a TV set and made it play a Barack Obama speech over and over.

“Even if you turn off the TV, the router turns the TV back on and the user can’t see anything other than the Obama speech,” Steckler said, adding that the hacker could then hold the TV for ransom.

“I know most people, especially Americans, care much more about their TV than they do about their data. They’d probably be much more willing to pay ransom for it,” he said, chuckling.

Internet security became a hot topic last Friday when a ransomware attack hit more than 300,000 computers worldwide, affecting the likes of Britain’s National Health Service, US package delivery giant FedEx and Germany’s Deutsche Bahn rail network.


China’s Secret Weapon in South Korea Missile Fight: Hackers

April 21, 2017

China denies it is retaliating over the Thaad missile system, but a U.S. cybersecurity firm says they are

This 2015 handout photo from the U.S. Department of Defense shows a terminal High Altitude Area Defense interceptor being test launched on Wake Island in the Pacific Ocean.

This 2015 handout photo from the U.S. Department of Defense shows a terminal High Altitude Area Defense interceptor being test launched on Wake Island in the Pacific Ocean. PHOTO: AFP PHOTO / DOD / BEN LISTERMAN

April 21, 2017 5:20 a.m. ET

Chinese state-backed hackers have recently targeted South Korean entities involved in deploying a U.S. missile-defense system, says an American cybersecurity firm, despite Beijing’s denial of retaliation against Seoul over the issue.

In recent weeks, two cyberespionage groups that the firm linked to Beijing’s military and intelligence agencies have launched a variety of attacks against South Korea’s government, military, defense companies and a big conglomerate, John Hultquist, director of cyberespionage analysis at FireEye Inc., said in an interview.

No automatic alt text available.

The California-based firm, which counts South Korean agencies as clients, including one that oversees internet security, wouldn’t name the targets.

While FireEye and other cybersecurity experts say Chinese hackers have long targeted South Korea, they note a rise in the number and intensity of attacks in the weeks since South Korea said it would deploy Terminal High-Altitude Area Defense, or Thaad, a sophisticated missile-defense system aimed at defending South Korea from a North Korean missile threat.

China opposes Thaad, saying its radar system can reach deep into its own territory and compromise its security. South Korea and the U.S. say Thaad is purely defensive. The first components of the system arrived in South Korea last month and have been a key issue in the current presidential campaign there.

One of the two hacker groups, which FireEye dubbed Tonto Team, is tied to China’s military and based out of the northeastern Chinese city of Shenyang, where North Korean hackers are also known to be active, said Mr. Hultquist, a former senior U.S. intelligence analyst. FireEye believes the other, known as APT10, may be linked to other Chinese military or intelligence units.

China’s Ministry of Defense said this week Beijing has consistently opposed hacking, and that the People’s Liberation Army “has never supported any hacking activity.” China has said it is itself a major hacking victim but has declined to offer specifics.

Mr. Hultquist said the two hacking groups gained access to their targets’ systems by using web-based intrusions, and by inducing people to click on weaponized email attachments or compromised websites. He declined to offer more specific details.


Recent cyberattacks attributed to Chinese state-backed groups.

  • Since February Spear-phishing* and watering hole** attacks were conducted against South Korean government, military and commercial targets connected to a U.S. missile defense system.
  • February, March Attendees of a board meeting at the National Foreign Trade Council were targeted with malware through the U.S. lobby group’s website.
  • Since 2016 Mining, technology, engineering and other companies in Japan, Europe and North America were intruded on through third-party IT service providers.
  • 2014-2015 Hackers penetrated a network of U.S. Office of Personnel Management to steal records connected to millions of government employees and contractors.
  • 2011-2012 South Korean targets, including government, media, military and think tanks were targeted with spear-phishing attacks.
  • *Sending fraudulent emails made to look as if they come from a trusted party in order to trick a target into downloading malicious software.
  • **A strategy in which the attacker guesses or observes which websites a targeted group often uses and infects them with malware to infect the group’s network..
  • Sources: FireEye, Trend Micro, Fidelis, PricewaterhouseCoopers and BAE Systems, WSJ reporting

Mr. Hultquist added that an error in one of the group’s operational security provided FireEye’s analysts with new information about the group’s origins.

South Korea’s Ministry of Foreign Affairs said last month that its website was targeted in a denial-of-service attack—one in which a flood of hacker-directed computers cripple a website—that originated in China.

A spokesman said that “prompt defensive measures” ensured that the attacks weren’t effective, adding that it was maintaining an “emergency service system” to repel Chinese hackers.

The ministry this week declined to comment further, or to say which cybersecurity firm it had employed or whether he thought the attacks were related to Thaad.

Another cybersecurity company, Russia’s Kaspersky Lab ZAO, said it observed a new wave of attacks on South Korean targets using malicious software that appeared to have been developed by Chinese speakers starting in February.

The attackers used so-called spear-phishing emails armed with malware hidden in documents related to national security, aerospace and other topics of strategic interest, said Park Seong-su, a senior global researcher for Kaspersky. The company typically declines to attribute cyberattacks and said it couldn’t say if the recent ones were related to Thaad.

The two hacking groups with alleged ties to Beijing have been joined by other so-called hacktivists—patriotic Chinese hackers acting independently of the government and using names like the “Panda Intelligence Bureau” and the “Denounce Lotte Group,” Mr. Hultquist said.

South Korea’s Lotte Group has become a particular focus of Chinese ire after the conglomerate approved a land swap this year that allowed the government to deploy a Thaad battery on a company golf course.

Last month, just after the land swap was approved, a Lotte duty-free shopping website was crippled by a denial-of-service attack, said a company spokeswoman, who added that its Chinese website had been disrupted with a virus in February. She declined to comment on its source.

China’s Ministry of Foreign Affairs didn’t respond to questions about the website attacks. The ministry has previously addressed Lotte’s recent troubles in China by saying that the country welcomes foreign companies as long as they abide by Chinese law.

The U.S. has also accused Chinese state-backed hacking groups of breaking into government and commercial networks, though cybersecurity firms say such activity has dropped since the two nations struck a cybersecurity deal in 2015.

The two Chinese hacking groups named by FireEye are suspected of previous cyberattacks.

FireEye linked Tonto Team to an earlier state-backed Chinese hacking campaign, identified by Tokyo-based cybersecurity firm Trend Micro Inc. in 2012, which focused on South Korea’s government, media and military. Trend Micro declined to comment.

Two cybersecurity reports this month accused APT10 of launching a spate of recent attacks around the globe, including on a prominent U.S. trade lobbying group. One of those reports, jointly published by PricewaterhouseCoopers LLP and British weapons maker BAE Systems, said the Chinese hacker collective has recently grown more sophisticated, using custom-designed malware and accessing its targets’ systems by first hacking into trusted third-party IT service providers.

Because of the new scrutiny from that report, FireEye said in a recent blog post that APT10 was likely to lay low, though in the longer run, it added, “we believe they will return to their large-scale operations, potentially employing new tactics, techniques and procedures.”

Write to Jonathan Cheng at and Josh Chin at



Newfound Bugs Expose Webcams’ Vulnerabilities

March 20, 2017

Computer viruses are harnessing webcams, thermostats and other connected devices—while owners remain in the dark

A security camera at a laundromat in Carbondale, Colo. The laundromat’s security system was affected by virus that harnesses the computing power of internet-connected devices to launch attacks.

A security camera at a laundromat in Carbondale, Colo. The laundromat’s security system was affected by virus that harnesses the computing power of internet-connected devices to launch attacks. PHOTO: BLAKE GORDON FOR THE WALL STREET JOURNAL


March 20, 2017 5:30 a.m. ET

Researchers in recent weeks discovered a laundry list of vulnerabilities that leave web cameras and digital video recorders open to hacking, often because the devices continue to run outdated software.

Earlier this month, independent security researcher Pierre Kim named seven bugs afflicting more than 1,200 webcam models, allowing attackers to bypass firewalls, log into the devices with a preprogrammed “backdoor” account or watch a live stream of the cameras without signing in at all.

Mr. Kim advised owners of the affected cameras to immediately disconnect them from the internet, noting that hundreds of thousands of the devices are vulnerable to one bug and millions more could be accessed through another security flaw.

Some of the hacks exploited a modified version of GoAhead, a web server used with many internet-connected devices. Michael O’Brien, chief executive of GoAhead maker EmbedThis Software LLC, said he found some manufacturers shipping products with 13-year-old versions of his software. Without proper security, “you’re hurting the customer and hurting the broader internet,” he said.

Manufacturers are expected to add another 2.5 billion connected devices, from laptops to lightbulbs, to the market this year, according to IHS Markit Research. Many are programmed to download the latest security updates out of the box, but others require their owners to do it manually.

Some camera makers are shoring up their defenses. D-Link Systems Inc., one of the brands listed in Mr. Kim’s research, said it is monitoring third-party reports and recommends that customers register and use its software-update services to keep their cameras secure. Dahua Technology Co. this month released updates to patch new security gaps in its cameras and digital video recorders, after they were revealed by an independent researcher who goes by “Bashis” online.

Still, given the continuing cat-and-mouse game between hackers and security experts and the large number of manufacturers that still ship devices with outdated software, “this is a bad time for camera owners,” Mr. Kim said.

Write to Drew FitzGerald at

Cyber warriors see politics, other priorities getting in the way of U.S. cyber policy work — muddying security efforts

February 16, 2017


© Getty/AFP/File / by Glenn CHAPMAN | The US cyber policy task force strongly advocated bulking cyber defenses and ramping up the cost of attacks to discouraging levels

SAN FRANCISCO (AFP) – President Donald Trump has vowed to improve cyber attack defense, but security experts meeting this week say a fractious domestic and international political landscape could hamstring efforts to improve internet security.

As the White House mulls an executive order on cybersecurity to combat an epidemic of data breaches and hacks, participants at the annual RSA Conference voiced concern that dwindling political unity will challenge efforts to improve defense.

“The core of the problem hasn’t changed; defenders have to win every time whereas attackers only have to win once,” Forrester Research vice president and group director Laura Koetzle told AFP, while discussing the current state of online threats.

“What is different now is that the geopolitical situation is more unstable than it has been in quite a while.”

Anti-globalization rhetoric that has been inflamed by Trump’s rise and the United Kingdom’s Brexit have shaken faith in the “globally interconnected world order” — seen as upholding rules and agreements to peacefully resolve online and real-world differences between nations.

If alliances for thwarting online assaults weaken, Koetzle said, “greater testing from Russia, North Korea, China” and others can be expected, as countries test how far limits can be pushed.

The issue of cyber defense was brought to the forefront after US intelligence officials concluded Russia had carried out a series of attacks aimed at disrupting the election, possibly helping Trump’s campaign.

And an unprecedented series of breaches that have compromised data on millions of US government employees, internet giants such as Yahoo and large companies like Sony Pictures present additional challenges to the administration.

– ‘Digital Geneva Convention’ –

Microsoft chief legal officer Brad Smith used the RSA stage to call for a “Digital Geneva Convention” that would set lines that should not be crossed in cyber war, with an independent oversight body to identify offenders.

“Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace,” Smith said during a keynote presentation.

While addressing RSA attendees, Representative Michael McCaul, a Texas Republican who heads the House Committee on Homeland Security, was among those warning of looming cyber threats.

“There is no doubt in my mind that the Russian government tried to undermine our elections,” McCaul said.

“Cyber intrusion has the potential to change the very fabric of our democracy.”

Sameer Bhalotra, co-chair of a task force formed to advise Trump at the Center for Strategic and International Studies, said the country needs an agency that investigates cyber attacks.

He said the administration’s stance on reducing regulation could speed the adoption of national computer security standards, because there would be less worry about being tethered by rules.

– Technology and trust –

Cyber policy task force co-chair Karen Evans had advised the administration to consider data as belonging to the user — an approach that could bolster arguments against weakening encryption or building in back doors to access people’s data.

The task force also strongly advocated bulking cyber defenses and ramping up the cost of attacks to discouraging levels, while urging the government to rely on the private sector.

Trump had been expected to release an executive order focused on cyber security early this week, but it was unclear Wednesday when it might land.

Recommendations from the task force included a few radical ideas, such as befriending hackers and promoting “bug bounties” to reward those who discover system vulnerabilities, said Nico Sell, co-founder of encrypted messaging service Wickr.

“If the administration expects an improvement in how we deal with cyber incidents, they will have to figure out how to foster trust — especially in this charged environment,” Koetzle said.

“The poisoning of politics fosters a tendency of not collaborating with institutions, and that is when things break down; especially in cyber security.”

by Glenn CHAPMAN

Image may contain: one or more people and people sitting

Pretty much everyone on earth knew she knew nothing about security of information….

 (October 2013)

 (October 2013)

John Emerson, Washington's man in Berlin, to meet with Guido Westerwelle, German foreign minister, over claims Angela Merkel's phone was tapped by US

Chancellor Merkel called President Obama demanding answers after reports emerged that the US may have been monitoring her phone Photo: YVES HERMAN/REUTERS

 (October 2013)

James Clapper talking to a group of people
James Clapper

 (October 2013)

 (November 2013)

 (November 2013)

 (January 2014)

No automatic alt text available.

  (January 2014)

 (February 2014)

 (February 2014)

 (March 2014)

   (December 2014)

U.S. Ambassador to the United Nations Samantha Power speaks at the Center for American Progress’ 2014 Making Progress Policy Conference in Washington November 19, 2014.  Credit: Reuters/Gary Cameron

  (December 2014)

 (January 2015)

  (February 2015)

 (February 2015)

  (March 2015)

No automatic alt text available.

  (Apeil 2015)

  (May 2015)

  (May 2015)

China’s Cyber Strategy Stresses Securing Infrastructure

December 27, 2016

Newly released framework summarizes goals enumerated in regulations adopted over the past year

On Wednesday Nov. 16, Chinese President Xi Jinping delivered a televised speech at the opening ceremony of the 3rd World Internet Conference in Wuzhen township in Tongxiang city in eastern China's Zhejiang province. China's leaders and official media are pushing for greater control of the internet and technology products as tensions surrounding a far-reaching Chinese cybersecurity law loomed over the gathering of the world's leading tech firms and Chinese officials.
On Wednesday Nov. 16, Chinese President Xi Jinping delivered a televised speech at the opening ceremony of the 3rd World Internet Conference in Wuzhen township in Tongxiang city in eastern China’s Zhejiang province. China’s leaders and official media are pushing for greater control of the internet and technology products as tensions surrounding a far-reaching Chinese cybersecurity law loomed over the gathering of the world’s leading tech firms and Chinese officials. PHOTO: ASSOCIATED PRESS

Dec. 27, 2016 7:41 a.m. ET

BEIJING—China’s internet regulator issued the country’s first cyber strategy, emphasizing the necessity of securing critical infrastructure and the government’s right to control cyberspace in Chinese territory.

The strategic framework released Tuesday by the Cyberspace Administration of China offers few fresh initiatives but summarizes goals enumerated in a cybersecurity law and other regulations adopted over the past year. A guiding concept is “internet sovereignty”—which the document defines as China’s right to police the internet within its borders and participate in managing international cyberspace.

Under the cyber plan, equipment suppliers for a range of industries will be subject to security reviews to ensure adequate defenses against hackers. In addition to the finance, energy, telecoms and other critical sectors mentioned in the cybersecurity law, the document lists education, medicine and scientific research as among the fields subject to the reviews.

The strategy is likely to renew concern among Western governments and businesses about China’s censorship, industrial policies that use security concerns to favor local companies and a general fracturing of cyberspace into national enclaves.

The proposed security reviews have been particularly controversial in recent years, as Beijing has moved to tighten control over information networks. Western trade groups said China may use the security reviews to discriminate against foreign companies and force them to transfer proprietary technology. China’s Cyberspace Administration has said they would apply to domestic and foreign suppliers equally; its strategy document vowed to “protect internet security while maintaining openness to foreign parties.”

The strategic framework said China would use economic, legal, diplomatic and military means to protect its information security, though it didn’t elaborate.

“Cyberspace is the new territory of a country’s sovereignty,” the document said. “China should build up its defense capabilities in cyberspace as befits a cyber superpower.”

Unlike the U.S. national cyberspace strategy in 2011 which reserved the right to respond to cyberattacks with traditional military force, China’s strategy is more focused on domestic political priorities, said Fang Xingdong, founder of internet think tank ChinaLabs. He cited “political security and cultural security,” a catchphrase for domestic criticisms of the government.

”These challenges are actually different from the ones facing the U.S., so Americans have trouble understanding it or finding it acceptable,” said Mr. Fang.

Many planks in China’s cyberstrategy deal with the censorship of politically sensitive content and promoting websites with “socialist core values”—concepts that the ruling Communist Party advocates as an alternative to universal Western values.

Write to Eva Dou at

China’s Foreign Minister Wang Yi Spells Out China’s Role in The World

March 8, 2016

By Zhuang Pinghui, Liu Zhen and He Huifeng
South China Morning Post

Will China allow the media to visit the disputed South China Sea islands? Is wayward North Korea still an ally? Will Beijing further expand its interests abroad?

Chinese Foreign Minister Wang Yi addressed the sensitive issues at his annual press conference, which took place on the sidelines of the National People’s Congress in Beijing on Tuesday morning.

We give you the highlights.

North Korea

“The confrontation in the Korean Peninsula is tense and full of the smell of ‘gunpowder’… China will not watch its own security interests being damaged for no reason.”

China will not sit by and watch the stability of the Korean Peninsula being disrupted, Wang said.

Beijing will also not compromise its stance on the denuclearisation of the region, he said.

“We stand firm on the denuclearisation path of the Korean Peninsula and will not tolerate any nuclear or missile plan that North Korea advances,” Wang said.

“The confrontation in the Korean Peninsula is tense and full of the smell of ‘gunpowder’. It would be a disaster for all parties if the tension intensified or got out of control.

An undated file picture released by the Rodong Sinmun, the newspaper of the North Korean ruling Workers Party, shows a North Korean military’s missile firing drill at an unknown location in North Korea. Photo: EPA

READ MORE: North Korean nuclear weapons ‘on standby’ after sanctions, while US and South mull missile deployment

“As the peninsula’s biggest neighbour, China will not watch its stability being sabotaged or China’s own security interests being damaged for no reason.

“We strongly urge all parties to maintain sensible restraint and not further aggravate the conflict.”

Wang did not directly answer questions on whether China and North Korea remained allies or if there would be another Korean war.

Rather, he described the two as having “normal nation-to-nation relations with a profound friendship”.

The foreign minister reiterated China’s support for the long-stalled six-party talks to find a peaceful resolution over North Korea’s nuclear weapons programme

Beijing was open to all initiatives, even if it involved fewer parties, as long as it could bring Pyongyang back to the negotiating table, he said.

An aerial view of facilities being built on Spratly Island’s Johnson Reef in the disputed South China Sea. Photo: EPA

South China Sea

“China will not allow … anyone to muddle the South China Sea and cause chaos in Asia.”

China will not allow anyone to cause chaos in the South China Sea, Wang said.

As the biggest coastal country along the South China Sea, Beijing wished to uphold freedom of navigation in the region but that did not mean the freedom to do anything any country wanted, he warned.

“China will not allow – nor would most countries in the region – allow anyone to muddle the South China Sea and cause chaos in Asia,” Wang said.

READ MORE: China enlists fishermen’s help to protect maritime rights in disputed South China Sea

The foreign minister shrugged off accusations that Beijing was militarising the South China Sea.

China was not the first country to build military facilities the region, he said, nor was it the country with the most such facilities or activities being conducted there.

“China cannot be accused of militarisation. This label suits other countries better,” Wang said, without making direct reference to the United States.

Beijing was merely building necessary defence and civil facilities on the Spratly Islands, he said.

Beijing’s efforts to set up emergency maritime hotlines in the region had been “obstructed by certain individual countries” and that was why people saw little progress, he added.

Wang said China would not rule out taking journalists to the disputed islands after its infrastructure facilities were completed.

China’s President Xi Jinping arrives in Pretoria on his state visit to South Africa late last year. Photo: EPA

China’s overseas interests

“We are willing to try to build some necessary infrastructure and support facilities in the regions of Chinese interests.”

China will take more active measures to protect its growing interests overseas, Wang said.

Millions of Chinese nationals live abroad, more than 30,000 Chinese companies have offshore offices, and China’s overseas assets in stock amount to several trillions of US dollars.

The massive scale of China’s interests overseas required Beijing’s effective protection, the foreign minister said.

“It is a pressing task for China’s diplomacy,” Wang said.

On top of existing anti-pirate naval fleet escorts in the Aden Gulf and contributions of funds and personnel to UN peacekeeping missions, China would take up more international security obligations, Wang said.

READ MORE: Chinese tycoon eyes huge potential for mainland companies in Africa

Asked about the setting up China’s first overseas naval base in Horn of Africa country Djibouti, Wang said the move was “reasonable, logical and compatible with international norms”.

“We are willing to try to build some necessary infrastructure and support facilities in the regions of Chinese interests,” he said.

China would take part in more law enforcement and security cooperation programmes and constructively participate in resolving international and regional issues politically, Wang said.

But it would not seek hegemony or expand as traditional powers did, he added.

Demonstrators hold up China’s and the United States’ national flags as they gather at sunset in Washington ahead of Chinese President Xi Jinping’s state visit last year. Photo: EPA

United States

“I believe that the two countries can think over how to develop cooperation in the South China Sea after the US truly calms down.”

China and the United States could consider maritime cooperation when “the US truly calms down”, Wang said.

Frictions between the two sides had increased of late because of disputes in the South China Sea, he said, but Beijing remained hopeful as previous disputes over internet security were eased after a dialogue was set up between the two countries.

“Recently, there has been growing friction [between China and the US] because of maritime disputes [over the South China Sea]. But I believe that the two countries can think over how to develop cooperation in the South China Sea after the US truly calms down.” Wang said.

READ MORE: ZTE faces US export restrictions over Iran surveillance system deal

The foreign minister also slammed US sanctions over ZTE, China’s largest listed telecommunications manufacturer, as a move that “causes harm to itself and others”.

Both sides should face their differences and find ways to resolve their problems, such as through the two nations’ cooperation in last year’s Paris climate talks, he said.

Wang added that the root of the tension lay in Washington’s suspicions about Beijing’s intentions and worries that China would one day replace the US.

“China is not the US and China will never become another US. We have no intention of replacing any other country as a leader of others,” he said.

The relationship between China and Japan have been strained over maritime and historical disputes. Photo: Reuters


“Japan should think hard and think it through whether to treat China as friend or foe, partner or opponent.”

The outlook for Sino-Japanese relations offered no optimism although there had been signs of improvement, Wang said.

Ties with Tokyo had been badly damaged because of Japanese leaders’ “double-faced” behaviour in claiming to be trying to improve relations while at the same time continuing to cause trouble for Beijing, the foreign minister said..

“As far as the China-Japan relationship goes, the root cause of the [strained ties] lies in Japanese leaders’ wrong perception of China,” Wang said.

“Japan should think hard and think it through whether to treat China as friend or foe, partner or opponent.”

READ MORE: China, Japan mull restarting ministerial talks on economic affairs after 5 ½-year gap, says report

Sino-Japanese ties have been frosty since 2012 when Tokyo chose to nationalise the disputed Diaoyu Islands in the East China Sea, which are administered by Japan but claimed by China.

High-level diplomatic talks between the two countries almost came to a standstill and Beijing called off a proposed visit by Japanese Foreign Minister Fumio Kishida.

China’s iron fist on internet can’t last: “Government’s strict control over the internet on the mainland is certainly unsustainable”

December 17, 2015

Beijing has long placed strict limits on mainlanders’ online freedoms, but is now also trying to demonstrate its softer side to help win the hearts and minds of the public – at home and abroad

By Jun Mai
South China Morning Post

The World Internet Conference is taking place in China’s Zhejiang province this week at a time when Beijing is becoming increasingly assertive in the way that it controls the use of the internet on the mainland.

“Over the past few years, Beijing has gone from passive defence to active offence in its internet security,” said Qiao Mu, a communication expert at the Beijing Foreign Studies University.

“Staging the conference is a way for China to showcase the legitimacy of its internet governance.”

Internet security has become an increasingly important priority for the Communist Party over the past two years.

Read more: The world needs new rules for cyberspace, says China’s President Xi Jinping

The Central Leading Group for Internet Security and Informatisation was founded last year to oversee the issue.

Members of the group, chaired by President Xi Jinping himself, include top cadres from the State Council, the nation’s chief administrative authority, and party ideology organs.

Last July, the National People’s Congress, China’s top law-making body, published a draft of the country’s first internet security law – a move that usually ensures passage of legislation.

According to the draft, which has great emphasis on state security, law enforcement personnel will be authorised to cut access to the internet during times of social unrest. State security authorities will also have legal grounds to obtain information from telecom carriers.

“The internet involves the everyday life of many citizens and therefore it’s a problem of social stability and national security,” said Zeng Jianqiu, a professor at Beijing University of Posts and Telecommunications. “Internet security transcends ideology. It also has a lot to do with counterterrorism.”

Read more: Double standards: China’s push to develop internet for economic gain tempered by strict censorship

Beijing has expanded the realms of internet security beyond simply fighting the illegal collection of personal information online, internet fraud and the use of the internet for terrorism.

In a nationwide crackdown on online rumours launched in the summer of 2013, hundreds of internet users were punished and some detained for disseminating “rumours” on the internet, according to the Southern Weekly.

Several influential online bloggers were convicted on various charges, including “picking quarrels and provoking trouble”, which effectively silenced others.

“Judging by the present situation, I think we should attach great importance to speeches on the internet in our propaganda work,” Xi said during the crackdown in August 2013, according to the social media account of thePeople’s Daily’s overseas edition.

“[We] must grasp the initiative in the area of speeches and not be marginalised.”

China’s Communist party newspapers are adopting softer, more casual language in their propaganda – referring to President Xi Jinping and his wife, Peng Liyuan, as ’Father Xi and Mother Peng’ and focusing on Peng’s fashion sense to boost their popularity on the mainland and abroad. Photo: Xinhua

Three months later, Xi expanded on a key party document outlining the country’s comprehensive reforms, which included the party strengthening its leadership by tightening internet controls.

He said: “Internet security affects state security and social stability. It’s a new challenge we are facing.”

Last month, Huang Kunming, the party’s deputy propaganda chief, went as far as to use the word “battlefield” to describe the ideological struggle faced over internet security, when he wrote an article in the People’s Daily calling on the authorities to “strengthen the building of the online battlefield of thoughts and culture”.

Qiao said: “Internet security carries a different meaning in China. It’s mainly a problem of political security. Most of the measures Beijing have taken are because of political considerations, including the fear of the impact of things such as the Arab Spring [uprisings from 2010 against governments in many Middle East countries].”

Beijing has also taken steps to improve its image on the internet.

Over the past two years the State Council has repeatedly filed directives urging government departments to open social media accounts and criticised “zombie accounts” that have not been maintained an updated.

Party newspapers have also adopted softer, more casual language in their propaganda, for instance, referring to Xi and his wife, Peng Liyuan, as “Father Xi and Mother Peng”. These affectionate terms, combined with the couple’s seemingly casual personal style and the emphasis of the media on Peng’s fashion sense, have gained popularity among the public.

“These are effective tactics for the time being,” Qiao said. “More benevolent methods were adopted, and communication with netizens was encouraged. But the government’s strict control over the internet on the mainland is certainly unsustainable.

“It’s like a blockade, which is preventing prosperity of the internet industry, China’s integration into the mainstream culture of the world and also the obtaining of knowledge. We can’t even use Google Scholar [to search for academic research].”


Internet encryption: A primer

December 14, 2015

By Robert Gebelhoff
The Washington Post

(Pawel Kopczynski/Reuters)

The FBI’s investigation of the two San Bernardino, Calif., shooters has revealed much about the attackers’ backgrounds. We know now that they met online through a dating site, were radicalized a couple of years ago and eventually pledged support to the Islamic State on social media.

But there is one detail that many in Congress and in the tech community are anxiously waiting to hear: whether the shooters ever used encrypted messages to communicate their plans for the shooting.

Without a doubt, a revelation that such technology was used would reignite the debate on Internet encryption — the coding of online information so that only those sending and receiving a message can see it — and whether governments should regulate how tech companies ensure privacy online.

The issue has become particularly salient due to the recent terrorist attacks across the globe, especially as groups like the Islamic State take advantage of online platforms to disseminate information and plan attacks. President Obama briefly touched on the topic in his address to the nation on the shooting, urging “high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”

The debate has become more and more lopsided as digital technology has rapidly developed. Originally, encryption technology was classified as a “munition” in the United States, meaning it was treated as a military weapon and subject to regulation. By the mid-’90s, however, the government effectively gave up on keeping it under control, as concerns mounted that the government was intruding on privacy and that “backdoors” into computers and phones would end up harming security. Now, practically everything is encrypted — your phone messages, your emails, your bank account, as well as popular messaging apps such as Facebook and Telegram used by everyone from teenagers to potential terrorists.

In many ways, that’s a very good thing. Encryption is designed to protect people from hackers and criminals who want to steal personal information. In general, it’s seen as an effective tool to prevent crime and protect privacy, which is why the tech industry stands nearly unanimously in favor of the technology.
The value of the technology is called into debate when it is used to protect those who want to do harm — like terrorists. Restrictions on encryption are mostly supported by those in national security and defense, who call for regulation of the technology so the government can more easily access hidden information. The FBI has long argued that the world of crime is “going dark” thanks to encryption, and though it hasn’t yet been proved that the terrorists in Paris used encrypted communication, CIA director John Brennan called the attacks a “wake-up call” in terms of Internet security.

The battle over encryption is a reemergence of the age-old debate pitting privacy against security. However, it’s clear the issue will only become more divisive over time, as we continue to hurtle into a digital era of more advanced technology — one in which terrorist groups and criminals can increasingly find refuge and connection on social media and the dark places of the Internet.

When the technological landscape is continuously redesigning itself, how ought we to monitor the world? Should we? And as we continue to venture further into this debate, is there any way for the technology and intelligence communities to cooperate with one another?
Robert Gebelhoff contributes to The Washington Post’s Opinions section.


Philippines ranks 33rd among cyberattack-prone countries

November 27, 2015


By Yuji Vincent Gonzales
The Philippine Daily Inquirer

The Philippines ranked 33rd out of 233 countries prone to cybersecurity threats in third quarter of 2015, up 10 notches from its placing in the second quarter, an Internet security company reported.

Kaspersky Security Network’s Q3 Threat Evolution report said the country experienced a rapid rise in malware infections for July, August, and September this year.

The report also said 17 percent of Filipino Internet users are “infected” by malicious programs, two percent higher than the data posted in the second quarter.

“From 43rd place to 33rd place in just three months, this shows that cyberattacks against the Philippines are accelerating at full speed. The Philippines may not be one of the top targets yet, but there is no doubt that cybercriminals are now noticing the country,” said Jimmy Fong, Channel Sales Director of Kaspersky Lab Southeast Asia, in a statement.


In a global scale, Kaspersky said mobile threats and attempted theft in online banking are also increasing.

“The developments in Q3 demonstrate that the global threat landscape is continuing to evolve at a fast pace. Malicious mobile programs are on the rise and in countries where online banking is popular, people are at considerable risk from Trojans looking to target them,” said David Emm, principal senior security researcher at Kaspersky Lab’s Global Research and Analysis team.

“With 5.6 million cases of attempted theft from online bank accounts, and cybercriminals continually developing sophisticated attacks, the use of high quality cybersecurity products has never been more important. It’s vital that all those using the Internet – both individuals and organizations – protect themselves from these growing threats,” he added.

The report added that a total of the 235.45 million malicious attacks from online resources have been located in the world, 75.4 million unique URLs were recognized as “malicious” by web antivirus components, and 5.69 million registered notifications about attempted malware infections aiming to steal money from bankaccounts accessed online.

– See more at:

North Korea Suspected of Hacking Seoul Subway Operator

October 5, 2015

Agence France-Presse

SEOUL:  North Korea is suspected of having launched a cyber attack last year on the South Korean capital’s subway system that carries millions of commuters every day, a Seoul lawmaker said today, citing intelligence reports.

The attack, staged between March and August 2014, affected several servers of Seoul Metro, which runs four major subway lines, ruling party legislator Ha Tae-Kyung said.

Nearly 60 employee computers were infected by malware, Ha said.

After analysing the hacking records, the National Intelligence Service (NIS) found that the malware codes were similar to those North Korean hackers have employed before, he added.

A Seoul Metro spokesman confirmed the hack, but stressed that computers used for the direct operation of subway lines were not compromised.

“There were data and information leaks, but none related to direct operations,” the spokesman said.

“We still don’t know who was behind the attack,” he added.

Seoul’s subway network is one of the busiest in the world, carrying around 5.25 million passengers a day.

South Korea has blamed North Korean hackers for a series of cyber attacks on military institutions, banks, government agencies, TV broadcasters and media websites in recent years.

Last December Seoul accused Pyongyang of launching a cyber attack on South Korea’s nuclear power plant operator. Pyongyang denied any involvement and accused Seoul of fabricating the incident.

South Korea has strengthened Internet security since it set up a special cyber command in 2010, amid growing concern over its vulnerability.

The South’s defence ministry believes North Korea runs an elite cyber warfare unit with up to 6,000 personnel, and regards its ability to launch hacking attacks as a major security threat.