News / Asia

    China Declares Cyber-war on Hong Kong Protesters

    Protesters turn on their mobile phone flashlights as they block an area outside the government headquarters building in Hong Kong Oct. 1, 2014.
    Protesters turn on their mobile phone flashlights as they block an area outside the government headquarters building in Hong Kong Oct. 1, 2014.

    Days after demonstrators in Hong Kong began filling streets protesting what they call a power grab by Beijing, the Occupy Central battles began moving online.

    Shortly thereafter, a mobile digital security firm discovered something no one had yet seen before: a Chinese-authored spyware bug specifically designed and targeted to infect protestor’s iPhones and iPads.

    Then a shadowy hacker activist group Anonymous announced what it called “full-scale war” - targeting the government of Hong Kong and others opposing the Occupy Central protests.

    “If you continue to abuse, harass or harm protesters, we will continue to deface and take every web-based asset of your government off line,” a message from the group said. “That is not a threat, it is a promise.”

    Yet despite such bluster, the cyber-battlefield here is far from equal.

    Should wider attacks between Beijing and the Occupy movement break out, it’s very likely that China – with its vast resources and experience – could overwhelm the protestors and win the online war, according to analysts.

    China's online aggression

    China is home to the world’s most prolific and talented cyber criminals, experts say.

    Akamai’s most recent “State of the Internet” report, released just last week, said that 43 percent of all Internet cyber-attacks originated from computers located in China, more than three times the volume of attacks from the next highest offender, Indonesia, at 15 percent.

    Earlier this year,  the US Justice Department indicted five Chinese army officials with 31 counts of hacking and cyber espionage – charges that Chinese officials have denied.

    “It’s no surprise, in a situation like this, to discover that there are those who wish to steal information,” said Costin Raiu, director of global research and analysis at the cyber-security firm Kaspersky Labs told VOA via email.

    “It is neither the first nor the last attack of this kind, we previously observed both targeted and cybercriminal attacks against mobile users,” he said. “This is unlikely to stop anytime soon. On the contrary, we are witnessing a steady growth of mobile malware.”

    Malware, bugs

    On the first day of the Occupy Central street protests, many in Hong Kong began to notice "Trojan Horse" messages targeting their Android mobile phones.

    Trojan Horses are malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions.

    In and of itself, this wasn’t such an uncommon occurrence given Android’s relatively loose and open operating systems.

    But a few days later, researchers with the mobile security firm Lacoon discovered something they had never seen before: a sophisticated, cross-platform spyware bug that, if downloaded, infected nearly every part of a users’ iOS – the closed and fairly secure operating system used by Apple iPads and iPhones.

    “It was a surprise, definitely,” Michael Shaurov, CEO and co-founder of Lacoon, told VOA. “Everyone was excited and thrilled to finally find this, but basically what we believe is that this is something we’ve expected.”

    The bug, officially known as Xsser mRAT, was discovered almost by accident while Lacoon researchers were trying to dissect the more common Android trojan-horse bugs.

    After they traced the Android bugs’ command and control, or CnC, protocol, they stumbled on the iOS spyway.

    “It’s sitting in the background and basically capturing all the sensitive information – data – that one has on your iPhone,” Shaurov said. “It starts with capturing location, all the contacts, text messages, photos, call logs, and to an extent it also goes to a really sensitive place on the iPhone, the keychain. It completely compromises your device.”

    Shaurov calls Xsser “…the most polished malware for iOS that we’ve seen to date,” suggesting both that it was in the works for a while, and is not the product of a small group of criminals or hacktivists.

    Computer bugs don’t come with signatures or pedigrees, but they do provide a range of clues as to who’s behind them.

    Lacoon found that Xsser’s CnC servers were located inside China, that its program commands are in Chinese, and that it uses a Chinese anonymizing service.

    “All that leads to the conclusion which is essentially that the entity that is operating Xsser is probably Chinese state-sponsored,” Shaurov said.

    'Operation Hong Kong'

    As the number of malware bugs floating around Hong Kong increased, so, too, did threats of cyber retaliation targeting both the government of Hong Kong and the Communist Party of China in Beijing.

    So far, the threat that has garnered the most media attention was that from Anonymous.

    Calling this latest venture “Operation Hong Kong,” a branch of Anonymous released a video last week, directly threatening the government of Hong Kong with coordinated, international attacks.

    “Attacking protesters will result in releasing personal information of all of your government officials,” said a computerized voice-over on the video. “We will seize all your databases and e-mail pools and dump them on the Internet. This is your first and only warning.”

    So far, Anonymous has been able to crash the website of the “Democratic Alliance for the Betterment and Progress of Hong Kong”, a large pro-Beijing political party; an act party chairman Tam Yiu-chung decried as “outrageous.”

    Other websites have also crashed or been defaced, but so far there have been no major security breaches or large-scale data thefts reported, either in Hong Kong or Beijing.

    Analysis is spotty, but the nature of such nuisance hacks suggests there are DDoS, or “distributed denial of service”, attacks. While embarrassing, DDoS hacks are usually short-lived and pose little security risks.

    Given China’s “Great Firewall” of filtering and censorship, it’s unlikely Beijing would experience wide-scale security breaches, analysts say.

    However, much of Hong Kong – among the most digitally connected societies on Earth – remains on the other side of the Great Firewall, putting servers and data at greater risk.

    Lopsided fight

    Jason Ng, an entrepreneur and blogger with the South China Morning Post, has been spending a lot of time recently in Hong Kong’s Admiralty district, home to much of the Occupy Central protests and sit-ins.

    It was where that police deployed tear gas against demonstrators who had little more than their umbrellas to protect themselves, thus giving rise to the phrase “the Umbrella Uprising.”

    “We live on social media – Facebook, Instagram – so everything that happens, the next second it’s going to be online,” Ng said.

    Speaking with VOA, Ng told of watching hundreds of protestors, concerned about the government possibly cutting Internet or phone service, immediately gravitate to the new FireChat app.

    Traditionally, cross-border cyber-attacks have occurred online, over hard-wired ISPs and targeting computers and laptops connected to the Internet.

    But this current battle appears to be happening largely on mobile devices, analysts say.

    Hong Kong isn’t just wired to the Internet; it has one of the greatest concentrations of mobile usage anywhere.

    At present, those mobile phones and other gadgets are helping protestors get their message out and stay connected with each other.

    However, with more spyware flooding the region, those devices could be turned against the movement.

    “As soon as there’s a rumor, everyone will be talking about it,” Ng said. “People are telling each other to start saving everything they put online. In terms of awareness it’s there. But if there’s a very systematic cyber-attack on Hong Kong, we’ve never seen anything like that before.”

    Others are certain who will win.

    “It’s a non-balanced fight,” said Lacoon’s Michael Shaulov of a possible cyber showdown between Beijing and Occupy Central. “The nation-sponsored entity clearly has tools and capabilities that would be very difficult for the other party to fight against.”


    Doug Bernard

    dbjohnson+voanews.com

    Doug Bernard covers cyber-issues for VOA, focusing on Internet privacy, security and censorship circumvention. Previously he edited VOA’s “Digital Frontiers” blog, produced the “Daily Download” webcast and hosted “Talk to America”, for which he won the International Presenter of the Year award from the Association for International Broadcasting. He began his career at Michigan Public Radio, and has contributed to "The New York Times," the "Christian Science Monitor," SPIN and NPR, among others. You can follow him @dfrontiers.

    You May Like

    Video Obama Remembers Fallen Troops for Memorial Day

    President urges Americans this holiday weekend to 'take a moment and offer a silent word of prayer or public word of thanks' to country's veterans

    Upsurge of Migratory Traffic Across Sahara From West to North Africa

    A report by the International Organization for Migration finds more than 60,000 migrants have transited through the Agadez region of Niger between February and April

    UN Blocks Access to Journalist Advocacy Group

    United Nations has rejected bid from nonprofit journalist advocacy group that wanted 'consultative status,' ranking that would have given them greater access to UN meetings

    This forum has been closed.
    Comments
         
    There are no comments in this forum. Be first and add one

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Chinese-Americans Heart Trump, Bucking National Trendi
    X
    May 27, 2016 5:57 AM
    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Chinese-Americans Heart Trump, Bucking National Trend

    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Reactions to Trump's Success Polarized Abroad

    What seemed impossible less than a year ago is now almost a certainty. New York real estate mogul Donald Trump has won the number of delegates needed to secure the Republican presidential nomination. The prospect has sparked as much controversy abroad as it has in the United States. Zlatica Hoke has more.
    Video

    Video Drawings by Children in Hiroshima Show Hope and Peace

    On Friday, President Barack Obama will visit Hiroshima, Japan, the first American president to do so while in office. In August 1945, the United States dropped an atomic bomb on the city to force Japan's surrender in World War II. Although their city lay in ruins, some Hiroshima schoolchildren drew pictures of hope and peace. The former students and their drawings are now part of a documentary called “Pictures from a Hiroshima Schoolyard.” VOA's Deborah Block has the story.
    Video

    Video Vietnamese Rapper Performs for Obama

    A prominent young Vietnamese artist told President Obama said she faced roadblocks as a woman rapper, and asked the president about government support for the arts. He asked her to rap, and he even offered to provide a base beat for her. Watch what happened.
    Video

    Video Roots Run Deep for Tunisia's Dwindling Jewish Community

    This week, hundreds of Jewish pilgrims are defying terrorist threats to celebrate an ancient religious festival on the Tunisian island of Djerba. The festivities cast a spotlight on North Africa's once-vibrant Jewish population that has all but died out in recent decades. Despite rising threats of militant Islam and the country's battered economy, one of the Arab world's last Jewish communities is staying put and nurturing a new generation. VOA’s Lisa Bryant reports.
    Video

    Video Meet Your New Co-Worker: The Robot

    Increasing numbers of robots are joining the workforce, as companies scale back and more processes become automated. The latest robots are flexible and collaborative, built to work alongside humans as opposed to replacing them. VOA’s Tina Trinh looks at the next generation of automated employees helping out their human colleagues.
    Video

    Video Wheelchair Technology in Tune With Times

    Technologies for the disabled, including wheelchair technology, are advancing just as quickly as everything else in the digital age. Two new advances in wheelchairs offer improved control and a more comfortable fit. VOA's George Putic reports.
    Video

    Video Baby Boxes Offer Safe Haven for Unwanted Children

    No one knows exactly how many babies are abandoned worldwide each year. The statistic is a difficult one to determine because it is illegal in most places. Therefore unwanted babies are often hidden and left to die. But as Erika Celeste reports from Woodburn, Indiana, a new program hopes to make surrendering infants safer for everyone.
    Video

    Video California Celebration Showcases Local Wines, Balloons

    Communities in the U.S. often hold festivals to show what makes them special. In California, for example, farmers near Fresno celebrate their figs and those around Gilmore showcase their garlic. Mike O'Sullivan reports that the wine-producing region of Temecula offers local vintages in an annual festival where rides on hot-air balloons add to the excitement.
    Video

    Video US Elementary School Offers Living Science Lessons

    Zero is not a good score on a test at school. But Discovery Elementary is proud of its “net zero” rating. Net zero describes a building in which the amount of energy provided by on-site renewable sources equals the amount of energy the building uses. As Faiza Elmasry tells us, the innovative features in the building turn the school into a teaching tool, where kids can't help but learn about science and sustainability. Faith Lapidus narrates.

    Special Report

    Adrift The Invisible African Diaspora