Chinese search engine Baidu sued by New Yorkers

China’s biggest search engine, Baidu was sued on Wednesday by eight New York residents who accused China’s biggest search engine of conspiring with the country’s government to censor pro-democracy speech, Reuters reported.

The lawsuit claims violations of the U.S. Constitution and according to the plaintiffs’ lawyer is the first of its type.

It was filed more than a year after Google Inc declared it would no longer censor search results in China, and rerouted Internet users to its Hong Kong website.

Baidu did not return a request for a comment.

According to the complaint filed in the U.S. District Court in Manhattan, Baidu acts as an “enforcer” of policies by the ruling Communist Party in censoring such pro-democracy content as references to the 1989 Tiananmen Square military crackdown.

This censorship suppresses the writings and videos of the plaintiffs, who are pro-democracy activists, to the extent that they do not appear in search results, the complaint said.

It also violates laws in the United States because the censorship affects searches here, according to the complaint.

“We allege a private company is acting as the arm and agent of a foreign state to suppress political speech, and permeate U.S. borders to violate the First Amendment,” Stephen Preziosi, the lawyer for the plaintiffs, said in an interview.

Preziosi said the alleged censorship also violates federal and New York civil rights laws, as well as New York’s human rights law, on the grounds that “an Internet search engine is a public accommodation, just like a hotel or restaurant.”

The lawsuit seeks $16 million in damages, or $2 million per plaintiff, but does not seek changes to Baidu’s policies.

“It would be futile to expect Baidu to change,” Preziosi said. The plaintiffs live in the borough of Queens in New York City and on Long Island.

China’s Internet censorship practices are viewed as reflecting its belief that keeping a tight grip on information helps the government maintain control. There have been mounting concerns in China that open dissent on the Internet could contribute to destabilizing the country.

Searches for terms deemed sensitive by Chinese censors are routinely blocked, and search engines such as Baidu voluntarily filter searches.

China also blocks social networking sites Facebook, Flickr, Twitter and Google’s YouTube, and President Hu Jintao has called for additional oversight and “mechanisms to guide online public opinion.

Google effectively pulled out of China last spring by redirecting inquiries on its main Chinese-language search page to a website in Hong Kong, avoiding direct involvement in any censorship by the “Great Firewall of China.”

New SMS Trojan “zsone” covertly sends premium SMS from Android phones to China

Taiwanese security firm, AegisLab has found that Android apps published by “zsone” were embedded with malicious code segments. The apps, which include iBook, iCartoon, iGuide, iCalendar, LoveBaby and Sea Ball, are embedded with malicious code that covertly sends text messages to three different premium-rate numbers without their knowledge or approval.

At least 11 Android apps contain malware that is rigged to automatically send text messages from your Google Android smartphone to phone numbers in China.

Currently the malicious behavior observed by Aegis only works in China, therefore if your location is in China, it is advisable to check your system and see if any zsone’s apps appear on your device.

Below is the list Aegis found that are published by zsone and are suspicious (iSMS/iLife are not included,  still investigating):

iBook

iCartoon

LoveBaby

3D Cube horror terrible

Sea Ball

iCalendar

iMatch 对对碰

Shake Break

ShakeBanger

iMine

iGuide

Recently Juniper Networks released a report that indicated Android based malware are on a sprawl with a 400% increase in just 6 months.  While Google controls the ‘kill switch’ to remotely wipe any malicious apps that are found on Android phones, it still doesn’t have a mechanism like Apple’s Appstore to scrutinize them for malicious code before they land on the Android Marketplace. In order to restrict the sprawl of such malicious apps, Google needs to take measure to prevent them from being published on the Android Marketplace instead of using the kill switch every time a problem is identified.

Kaspersky Lab Obtains US Patent for Rootkit Detection and Treatment System

Kaspersky Lab has obtained a US patent for a method of combating rootkits that has already been implemented in a number of its security products.

Rootkits are malicious programs that can run at the kernel level of an operating system and load when the system boots. This makes rootkits difficult to detect using standard protection tools. Detecting and treating rootkits usually poses a daunting challenge for antivirus vendors. However, the experts at Kaspersky Lab have designed and patented a method that effectively combats the cybercriminals’ most sophisticated creations.

At the heart of patent No. 7921461 is a method of detecting rootkits that creates two images of the operating system during the boot process: one before and the other after drivers are loaded at the kernel initialization stage. The images created in kernel mode include system services that can be identified by a special flag. The presence of a rootkit in the system can be determined by comparing the two images. This comparison identifies whether the system has changed during the boot process and where any change occurred. Based on this data, the system can be treated and the rootkit neutralized.

“The newly patented method is advantageous in that the data is collected while the operating system boots, so the user will not notice any deterioration in system performance,” said Andrey Sobko, inventor of the technology and Head of Driver Development at Kaspersky Lab.

Currently, over one hundred applications filed by Kaspersky Lab are being processed by the patent authorities in the USA, Russia, China and Europe. These pending patents all cover innovative new IT security technologies.

East West Institute warns of a 9/11 type attack on global Internet

World’s top ‘track 2 diplomacy’ institution and New York-based think-tank, the East West Institute has warned of a ‘9/11 type’ of attack on the undersea cables that connect India to the rest of the world.

Addressing Indian telecom secretary R Chandrasekhar and officials of the Indian home ministry, the founder of the 30-year-old think-tank, John Edwin Mroz, said he expects a “massive 9/11” type of attack on the Internet very soon. Mroz was instrumental in leading to the establishment of an agreement in 1984 between the Nato and the Soviet block to alert each other of troop movements.

“We have to address the cockpit door in cyber security,” Mroz said, referring to the security flaw in cockpit doors that allowed the 9/11 terrorists to force their way in and attack the plane pilots. “We have to do it before the 9/11 type of attack occurs,” he added. The institute specializes in building bridges between major governments to overcome global security concerns.

In its presentation, the Institute highlighted the possibility of terrorist attacks on the core backbone of the Internet — the under-sea cables that carry nearly all of its traffic from one corner of the world to another.

“There are three major chock points for the Internet and unfortunately, India is right in the middle of all three,” said Karl Rauscher, chief technology officer of East West Institute.

The three ‘chock points’ for undersea cables are the Luzon strait between China and Taiwan, the Malacca strait between India and Sri Lanka and the Red Sea between Saudi Arabia and Africa.

Between Africa and Asia, for example, all the handful of undersea cables connecting India to Europe and the US pass through an area that is only around 500 metre wide, raising the possibility of a bomb attack or a simple ‘snag and snap’ attack.

The cables are laid at a depth of around 1 metre under the sea-bed, but are often exposed due to movement of the sand. India’s only alternate route of connectivity to the US, through the Luzon straits, too can be compromised by a co-ordinated attack, leaving the country without connectivity to US and Europe.

“The results can be disastrous. Eespecially due to the dispersed nature of the world’s financial services industry.. For big financial hubs like London or New York, there is just no plan B if the Internet goes down,” Rauscher added.

The alternatives suggested by the group primarily revolve around opening up of non-traditional routes for laying sub-sea cables and easing the movement of repair ships through national waters.

The telecom secretary, on his part, said India is setting in place a ‘command structure’ to address issues of cyber security.

Hackers made $11 million in unauthorized transfers to China, says FBI

In a first of its kind report, Federal Bureau of Investigation, U.S. (FBI) has quantified the economic impact of Chinese hackers on U.S. businesses. According to a fraud alert from FBI, U.S. businesses have been taken for at least $11 million over the last year thanks to unauthorized wire transfers to China. Cybercriminals have been compromising the businesses’ banking credentials in order to send money overseas.

At least 20 incidents occurred between March of 2010 and April of 2011 that resulted in the credentials of small-to-medium-sized businesses being compromised. According to the FBI, the typical scenario involves scammers sending phishing e-mails to the business in question, at which time someone enters the business’ banking credentials into a malicious website. The scammers then use the credentials to log into the business’real banking website in order to wire money to “Chinese economic and trade companies.”

In just a year, this resulted in $11 million in losses, with transfer amounts ranging from $50,000 to $985,000 at a time. The total attempted amounts were closer to $20 million, though—the FBI says that many attempted transfers were over $900,000, but the scammers are usually more successful trying smaller amounts. On top of the electronic wire transfers, some of the scammers also sent domestic money mules to the U.S. in order to make further fraudulent transactions.

“The economic and trade companies appear to be registered as legitimate businesses and typically hold bank accounts with the Agricultural Bank of China, the Industrial and Commercial Bank of China, and the Bank of China,” the FBI warned. “At this time, it is unknown who is behind these unauthorized transfers, if the Chinese accounts were the final transfer destination or if the funds were transferred elsewhere, or why the legitimate companies received the unauthorized funds. Money transfers to companies that contain these described characteristics should be closely scrutinized.”

The FBI says that some—but not all—cases seem to involve attacks through malware such as ZeuS, Backdoor.bot, and Spybot.

Governments snooping more and more on Internet

Freedom on the Internet is coming under more and more threat from governments around the world, according to the second ‘Freedom on the Net’ (FOTN) report by the Freedom Institute for 2011.

The study of 37 countries found former Soviet republic Estonia to have the freest Internet, with a restriction of just 10 points, followed by the United States with a restriction score of 13.

The most restricted Internet is for users in Iran, Cuba, China and Burma, with restriction levels of between 83 and 89 (out of 100).

The overall trend, the report found, was towards less and less freedom on the Internet as governments become more and more alarmed at or better at controller what they consider uncomfortable exchange of information and co-operation through the Internet.

“Of the 15 countries covered in the pilot [report of 2009], a total of 9 registered score declines over the past two years,” the report noted.

Freedom House is an international non-governmental organization (NGO) based in Washington DC that conducts research and advocacy on democracy, political freedom and human rights, known for its annual report on democratic freedoms in each country.

Even in the newly added countries, the report, compiled by more than 40 researchers based around the World, found evidence of a “negative trajectory,” in at least half of them in the last two years.

It found increased government blocking, filtering, legal action, and intimidation to prevent users from accessing unfavorable content and in other places, cyberattacks, misinformation, and other indirect methods to alter the information landscape, such as creating dummy sites.

“These states are increasingly blocking and filtering websites associated with the political opposition, coercing website owners into taking down politically and socially controversial content, and arresting bloggers and ordinary users for posting information that is contrary to the government’s views,” it pointed out.

It held the increased governmental nervousness in many repressed countries to the role played by Internet-based organization and communication tools like Facebook, Twitter etc.

“In 12 of the 37 countries examined, the authorities consistently or temporarily imposed total bans on YouTube, Facebook, Twitter, or equivalent services,” it noted.

The report found that out of the total 6.5 billion people in the World, over two billion now have access to the Internet — nearly double that of five years ago.

• Specific examples of Governments blocking or manipulating Internet chronicled in the report include the following:South Korean authorities blocked access to an estimated 65 North Korea–related sites, including the official North Korean Twitter account, launched in August 2010.
• A Chinese woman was sent to a labor camp over a satirical Twitter message,
• An Indonesian housewife faced high fines for an e-mail she sent to friends complaining about a local hospital.
• A 19-year old Tibetan was detained after looking at online photographs of the Dalai Lama.
• A Thai judge in March 2011 sentenced a web developer to 13 years in prison for comments he posted and for refusing to remove the remarks of others.
• In Thailand, at least one editor is facing criminal charges over reader comments that were critical of the monarchy.
• In Belarus, the country’s largest ISP, the state-owned Belpak, redirected users from independent media sites to nearly identical clones that provided misleading information, such as the incorrect location of a planned opposition rally.
• In Egypt, officials shut down the Internet nationwide for five days in January in an unsuccessful attempt to curb anti-government protests. The operation was accomplished within the span of one hour.
• The award for the best anti-freedom activities on the Internet was given to the Chinese government.

Among the strategies developed by the Chinese government, it is hiring people to post pro-government comments in discussion to drown dissenters and complainers. Such people even have a name, the “50 Cent Party”, the report noted.

“Recruiting advertisements for similar commentators have reportedly begun to appear on Russian job sites,” it pointed out.

“China has emerged as a major global source of cyberattacks. Although not all attacks originating in the country have been explicitly traced back to the government, their scale, organization, and chosen targets have led many experts to conclude that they are either sponsored or condoned by Chinese military and intelligence agencies.

“The assaults have included distributed denial-of-service (DDoS) attacks on domestic and overseas human rights groups, e-mail messages to foreign journalists that carry malicious software capable of spying on the recipient’s computer, and large-scale hacking raids on the information systems of over 30 financial, defense, and technology companies, most of them based in the United States.

“In addition, independent analysts have detected cyberespionage networks that extend to 103 countries as part of an effort to spy on the Tibetan government-in-exile and its foreign government contacts,” the Washington-based organization noted.