Agents of the East German Stasi could only have dreamed of the sophisticated electronic equipment that powered Col. Muammar el-Qaddafi’s extensive spying apparatus, which the Libyan transitional government uncovered earlier this week. The monitoring of text messages, e-mails and online chats — no communications seemed beyond the reach of the eccentric colonel.

What is even more surprising is where Colonel Qaddafi got his spying gear: software and technology companies from France, South Africa and other countries. Narus, an American company owned by Boeing, met with Colonel Qaddafi’s people just as the protests were getting under way, but shied away from striking a deal. As Narus had previously supplied similar technology to Egypt and Saudi Arabia, it was probably a matter of public relations, not business ethics.

For the full article, see here.

Majority-Muslim countries regularly engage in faith-based censorship of the Internet, according to a new report by prominent watchdog group, The OpenNet Initative. The study, written by Helmi Noman, examined 15 states and territories. Out of these, 14 blocked sites that were considered to be critical of Islam and five blocked “liberal, secular, and atheistic comment.”

The report, titled In the Name of God, primarily examined Middle Eastern and South Asian states and territories. Some countries, such as Pakistan, Saudi Arabia, and Iran, were also found to be enthusiastically blocking religious websites catering to faith minorities such as the Ba’hai’s and Ahmadiyyas. The Ahmadiyyas, an Islamic sect who believe the messiah arrived in the 19th century, are persecuted in Pakistan and prohibited from calling themselves Muslims.

Fatwas by clerics closely tied to national governments have targeted software developers and ISPs. Saudi Arabia’s state Standing Committee for Issuing Fatwas recently declared the operation of Internet cafes to beharam (forbidden) if the computers inside were used for “false and evil ends,” and the Grand Mufti of Dubairecently demanded that Dubai block access to pro-atheism websites. It is not known whether Dubai took him up on the request.

For the full article, see here.

The Obama administration is leading a global effort to deploy “shadow” Internet and mobile phone systems that dissidents can use to undermine repressive governments that seek to silence them by censoring or shutting down telecommunications networks.
Multimedia

The effort includes secretive projects to create independent cellphone networks inside foreign countries, as well as one operation out of a spy novel in a fifth-floor shop on L Street in Washington, where a group of young entrepreneurs who look as if they could be in a garage band are fitting deceptively innocent-looking hardware into a prototype “Internet in a suitcase.”

Financed with a $2 million State Department grant, the suitcase could be secreted across a border and quickly set up to allow wireless communication over a wide area with a link to the global Internet.

The American effort, revealed in dozens of interviews, planning documents and classified diplomatic cables obtained by The New York Times, ranges in scale, cost and sophistication.

Some projects involve technology that the United States is developing; others pull together tools that have already been created by hackers in a so-called liberation-technology movement sweeping the globe.

…

For full original article, see here

Once again Google is making headlines as they clash with another country over usage constraints. The internet giant got word last month of Kazakhstan’s attempts to reroute all Google domains there to servers located within the country. Google raised them one by suspending their Kazakh domain google.kz and rerouting them to google.com.

Typically Google’s domains in a given country will be tailor configured to increase search relevance to that country. However when users search the internet they are not limited by national boundaries so that requests can be handled in the fastest possible way. By rerouting away from Kazakhstan, Google Senior Vice President Bill Coughran writes in a blog post, “users will experience a reduction in search quality as results will no longer be customized for Kazakhstan.”

…

For full original article, see here

Get ready for international Internet regulation; top leaders from the US, UK, and France are making increasingly public statements about their plans to draft new rules that will make the ‘Net more secure and will crack down on copyright infringers.

In a speech back on February 4, UK Foreign Secretary William Hague sounded a dire warning about the state of the ‘Net.

The intelligence reports I see as Foreign Secretary show that just one criminal computer programme can harvest over thirty gigabytes of stolen passwords and credit card details from over a hundred countries in a matter of days, causing millions of pounds worth of fraud…

Last year the national security interests of the UK were targeted in a deliberate attack on our defence industry. A malicious file posing as a report on a nuclear Trident missile was sent to a defence contractor by someone masquerading as an employee of another defence contractor. Good protective security meant that the email was detected and blocked, but its purpose was undoubtedly to steal information relating to our most sensitive defence projects.

And last month three of my staff were sent an e-mail, apparently from a British colleague outside the FCO, working on their region. The e-mail claimed to be about a forthcoming visit to the region and looked quite innocent. In fact it was from a hostile state intelligence agency and contained computer code embedded in the attached document that would have attacked their machine. Luckily, our systems identified it and stopped it from ever reaching my staff.

William Hague
The Wild West might make a romanticized setting for films, but when you’re on the receiving end of chaotic violence, you start longing for some law and order pretty quick. In his speech, Hague pledged that law and order was coming in the form of an “international agreement about norms in cyberspace.”

Such discussions have been ongoing for years, but in dilatory and fragmented fashion. Hague now wants to formalize and accelerate the discussions—”we need to get the ball rolling faster!”

…

For full original article, see here

Starting at 3:35 UTC today (6:35am local time), approximately two-thirds of all Syrian networks became unreachable from the global Internet. Over the course of roughly half an hour, the routes to 40 of 59 networks were withdrawn from the global routing table.

This image shows the current state (green: reachable, red: unreachable) of each network prefix in the Middle East this morning, visualized as a packed Hilbert-curve representation. The size of the colored area is proportional to each country’s Internet presence, so you can see that Syria’s Internet (red block near the top center) is a little smaller than that of Kuwait.

The Internet in Syria basically depends on one domestic provider, state-owned Syrian Telecom Establishment (AS29256 and AS29386). They buy most of their Internet transit from Turk Telekom and Deutsche Telekom, with some contribution from PCCW, Tata, and Telecom Italia. Connectivity has historically come in over submarine cable from Cyprus; activation of new terrestrial fiber connections to Turkey have been delayed by this year’s political unrest.

The network prefixes that remain reachable include those belonging to the Syrian government, although many government websites are slow to respond or down. The Oil Ministry is up, for example, and Syrian Telecom’s official page, but the Ministry of Education is down, as is the Damascus city government page, and the Syrian Customs website.

The networks that are not reachable include, substantially, all of the prefixes reserved for SyriaTel’s 3G mobile data networks, and smaller downstream ISPs including Sawa, INET, and Runnet.

We’ll update when we have more information. We don’t know yet how the outage was coordinated, or what specific regions or cities may be affected more than others. News is filtering out of Syria very slowly. If Egypt and Libya’s Internet outages are any guide, one might conclude that events on the street in Syria are reaching a tipping point.

Edit: clarified that Syrian Telecom Establishment is the state-owned Internet service provider, as distinguished from SyriaTel, the mobile provider that is “not quite” government-owned.

BEIJING – The way the Chinese government manages the Internet in accordance with law is a sovereign matter and foreign courts have no jurisdiction according to international law, Chinese Foreign Ministry spokeswoman Jiang Yu said on Thursday.

The Chinese government’s Internet management accords with international norms, and China always supports the development of the Internet and guarantees citizens’ lawful freedom of speech, Jiang said at a regular news conference.

Jiang’s remarks referred to a lawsuit in which eight New York residents accused China’s biggest search engine Baidu.com and the Chinese government of Internet censorship on Wednesday.

“I think the accusation is more like a PR (public relations) question than a legal question to Baidu,” said Duncan Clark, president of Beijing-based research firm BDA China.

Because Baidu operates in China, it has to follow Chinese regulations, said Clark.

However, Yu Guofu, a partner with Beijing Shengfeng Law Firm, told China Daily that it still depends on how the United States defines its jurisdiction.

Baidu spokesman Kaiser Kuo declined to comment.

China is not the only country that faces the issue of how to supervise the Internet, because problems including online pornography, gambling and fraud have hampered its sound development or even threatened national security, analysts said.

Almost every country in the world supervises the Internet, the difference lies in how they manage online information, said Wen Weiping, associate professor at the Department of Information Security of Peking University.

The US government unveiled plans on Tuesday to work with other nations to make the Internet more secure and enable law enforcement bodies to work closely on cyber crime.

And in the strongest terms to date, the White House made it clear that the US will use its military might to strike back if the country comes under a cyber attack that threatens national security.

In early May, China established the State Internet Information Office, with Wang Chen, minister of the State Council Information Office, as its director, to strengthen coordination between different authorities and improve the legal, administrative and technical systems to help regulate the Internet.

Cyber security experts have argued that the Internet cannot be a safe place until nations implement international agreements that better define and regulate cyber crime, provide oversight of the Internet, and set out new standards and rules for the industry.

French President Nicolas Sarkozy will host technology titans from influential companies such as Facebook, Google and Amazon, at a summit on May 24-25 in Paris, to talk about how governments could encourage cyber technology innovation and Internet regulation.

After dealing with some internal strife and remaining relatively silent for some time, the rogue movement Anonymous has launched a distributed denial of service (DDoS) attack against the U.S. Chamber of Commerce website.

The campaign was launched in protest of the Protect IP Act, a legislative proposal that would essentially cut off U.S. Internet users from accessing any website the government decides is blatantly in violation of copyright infringements, as well as any site that attempts to mirror the offender’s content.

The legislation would also require search engines to eliminate references to the offending sites from their search indexing, as well as require advertising networks and payment services to cease business with the blacklisted sites.

The press release posted on AnonNews.com states:

“This message is a response to recent actions of the U.S. Government, the RIAA, the MPAA and others. For some time now, powerful interests have been vigorously lobbying the US Government in a campaign to censor the Internet. The PROTECT IP Act is the result of their campaign. Through domain seizures, ISP blockades, search engine censorship, and funding cuts to allegedly copyright infringing websites, the PROTECT IP Act will take Internet censorship to the next level. In its present form, this act threatens the very foundation on which the Internet was built: freedom of thought.”

The Protect IP Act would allow the Justice Department to decide which websites were in violation of copyright laws, as well as provide the opportunity for copyright holders to file for court orders to have infringing websites blacklisted and blocked.

“This bill would allow the US Government to force ISPs and search engines to censor websites they do not like under the guise of “copyright protection”. Instead of reducing piracy, this bill endangers the free flow of information. Through domain seizures, ISP blockades, search engine censorship, and the restriction of funding to websites accused of infringement, this bill promises to take Internet censorship to the next level. Furthermore, it violates the citizens ‘ rights to due process, to free speech, to free expression and to legal representation at their hearing.”

At the time of this article’s publication, the U.S. Chamber website was experiencing intermittent downtime, and the Anonymous IRC discussion showed indications that the Chamber may have implemented defensive measures with the aid of a service called DosArrest.

Anonymous now seems to be probing the systems for other vulnerabilities, such as susceptibility to a SQL-based attack:

Ocean80: Timeline: 8:00pm – Protest launched. 8:20 – site was down. 8:30 – site returned online with aid from DosArrest, a DDOS protection website (commerce paid $5000/hr for their services). At around 10:00pm, members started probing SQLi vulns…their was little success with the SQL attacks due to a lack of admin panel, however, the vulns are there…

Anonymous employs a downloadable tool called the Low Orbit Ion Cannon for the DDoS attacks, and makes the tool available for download to those who want to participate.

The success of an attack largely depends on the operation organizer’s ability to publicize and gain crowd-sourced participation for the attack “hive”. Operations that fail to attract enough participants fail to take the targeted website off-line.

Most recently, Anonymous had targeted Sony with a DDoS attack campaign in early April, but called off the assault after receiving backlash from Sony customers who did not appreciate the network downtime. When the network failed again due to the network breach, Anonymous issued a press release on April 22 that sought to dispel any notion that the movement had taken part in the latest PSN outage.

Anonymous is also known for having breached the systems of HBGary Federal – a security company who was involved in efforts to reveal the identities of the Anonymous leadership – and for defacing the website of the controversial Westboro Baptist Church.

Anonymous has also previously targeted the websites of PayPal, Visa, MasterCard, PostFinance Bank, Amazon, Bank of America and others who had halted business relations with WikiLeaks, as well as also launching attacks against the websites of Senator Joe Lieberman and Sarah Palin for speaking out against the WikiLeaks data dumps.

(Reuters) – Russia is looking to the experience of other countries, including China, to “regulate” Internet use, though Moscow has no plans to broaden web censorship, a government spokesman said on Saturday.

Weeks after hacker attacks temporarily closed down the country’s most popular blog site, a state tender calling for research into “foreign experience in regulating” the Internet has revived fears that authorities plan to clamp down on Internet freedoms ahead of 2012 presidential elections.

Dmitry Peskov, a spokesman for Prime Minister Vladimir Putin, said the tender was in no way an indication that Moscow wanted insight into Internet censorship.

“It is enough to look at those resources that exist in the Russian Internet to see that there is no censorship there,” he said. Peskov said researchers would study best practices in Internet regulation of other countries, including China.

In a country where much media is state-run, the Internet is one of the last bastions of free speech. Russian bloggers freely criticize authorities, often scathingly, question high-level corruption and swap information.

After Russia’s main security service said earlier this month that uncontrolled use of Skype and Gmail was a “security threat,” Internet users feared that “regulation” may lead to tightening of freedoms on the Web.

“They’re trying in their own way, of course boneheadedly, to tighten the screws,” an Internet user under the name alekc75 wrote about the government tender on a popular blog.

Security analysts say cyber attacks this month on blogging site Live Journal could be a test drive for closing down web sites, in particular social networking sites, in case of demonstrations ahead of next year’s presidential elections.

The Internet has played a crucial role in the unrest that has rocked Northern Africa and the Middle East, prompting some governments to shut it down.

In an interview with the Wall Street Journal in February, Deputy Prime Minister Igor Sechin said Google was responsible for uprisings that helped unseat Egyptian leader Hosni Mubarak.

Ilya Ponomaryov, a member of Parliament and the Duma information committee, said Russia was in a very early stage in developing Internet regulation.

“Our Internet regulation is currently the most liberal in the world because we have none,” Ponomaryov told Reuters. He said parliament was now working on amending a series of laws to take into account the rapidly developing Internet.

The Live Journal site was brought down by a denial of service attack — a tried and tested method of disrupting websites by flooding their servers with requests.

Chechen separatists and the Georgian and Estonian governments have been high-profile victims of similar attacks in the past. Supporters of WikiLeaks also used this method to attack organisations that blocked support for WikiLeaks.

(Writing and additional reporting by Thomas Grove; Editing by Peter Graff)

This week, a DDoS attack was launched on Livejournal— which, with 4.7 million Russian users, has become a powerful forum for political discussion in Russia (Maria Garnaeva of Kaspersky Lab has a great analysis and report of the attack). The attacks began on March 24, from the Optima botnet on prominent Livejournal user Alexei Navalny (who discusses government corruption in his blog as well as a number of other URLs until April 1. By April 4, however, the botnet was launched on many popular Livejournal blogs and effectively caused the Web site to be inaccessible in Russia. The attacks rendered the Web site inaccessible in Russia on March 30 and April 4.

Within this, the oppositional newspaper, Novaya Gazeta, was also similarly attacked. It was reported that the newspaper believes that the attack was carried out by those who attacked the Livejournal. The large scale DDoS attack was at one point sending 70,000 visit requests every 14 seconds.

This Global Voices post details the current discussion and speculations in Russian cyberspace over the attack. Many have been quick to suggest that the attack was a politically motivated state-sponsored attack whose primary target was Navalny. Another prominent user, Anton Nosik, suggested that the attack be linked to a recent article in the newspaper Argumety i Fakty, which suggested that Russian Livejournal users shift to another platform. Nosik understands the attack to be an orchestration by the Russian government to disband the Russian Livejournal community. The Novaya Gazeta has linked the attacks to this year’s parliamentary election and next year’s presidential election in Russia. The paper’s editor told the Associated Press that he believes the attacks were meant to “discredit the public platforms which express alternative points of views.” The opposition leader has publically stated that, “It’s quite possible that those people who have ordered the attack are planning the complete crash of Live Journal in the heat of the 2011-2012 election campaign,” he wrote on his blog Friday.” The PutinWatcher Web site also suggests that the attack was state-sponsored, pointing to the fact that “DDoS attacks have been the favored technique in blogging attacks linked to the Russian government in the past” as seen in the attacks on the Estonian government in 2007 and the Georgian government in 2008 which some have linked to the Russian state.

Recently, Alexander Andreyechkin of Russia’s Federal Security Service announced that the organization has proposed placing a ban on foreign services such as Skype, Hotmail and Gmail due to the security threats stemming from their “uncontrolled use”—meaning, that control of traffic through these services is done from foreign servers—as well as the concern that these services use foreign-made encryption technology. These comments were later revoked.

These recent attacks are occurring against a backdrop of intensified control over Russian cyberspace this year (see this OpenNet Initiative post for more details)—for instance, the launch of the League of Internet Safety, and the rise of the so-called “30 Ruble Army.” The Russian government has however, denied the allegations. In fact, Medvedev’s own Livejournal blog suffered from the attack. Attribution is often difficult to determine, however, what is of significance is that these recent attacks are consistent with the controls in Russian cyberspace as documented by Ronald Deibert and Rafal Rohozinski (see Deibert and Rohozinski’s Control and Subversion in Russian Cyberspace)—for instance, the deployment of next generation information controls (such as DDoS attacks) characterized by “just in time” blocking or event-based denial of selected content or services.