A Canadian anti-Internet censorship organization which recently exposed the activities of a China-based computer spy network says the Canadian government is dropping the ball in taking a pivotal role in leading a global effort against cyber crime such as the distributed-denial-of-service (DDoS) attacks now crippling major U.S. and South Korean Websites.
In March this year, the Internet research group Citizen Lab based at the Munk Centre for International Studies at the University of Toronto and SecDev Group, a research organization based in Ottawa, made public the existence of Ghost-Net, a cyber spy network using servers based in China to hack into and control computers in foreign embassies, International organizations, news media and even the office of the Dalai Lama.
Despite the overwhelming evidence the research group presented, there has been no action on the part of the Canadian government, according to Ron Deibert, director of Citizen Lab.
“We received no support from the Canadian government – not even a note of thanks,” Deibert said.
Last month, U.S. Defense Secretary Robert Gates approved the creation of a unified U.S. Cyber Command to oversee the protection of military networks against cyber threats.
“As far as we know the Canadian government does not even have a cyberspace strategy of promoting access to information and freedom of speech about which a country like Iran would be irritated,” he added.
The recent public rallies over contested election results in Iran have led to a bloody government crackdown on protesters and a clampdown on all social networks in the country.
Psiphon Inc., a Toronto-based Web filter circumvention technology provider also headed by Deibert has been active in distributing “nodes” that push BBC Persian, Radio Farda, Youtube and Facebook to Iran-based computer users. Although a Canadian organization, Psiphon is funded entirely by U.S. and UK sources.
The use of Web-based strategies to destabilize government and commercial networks or muzzle public access to information and online conversation is escalating.
Just last week, major sites in South Korea and the U.S. were hit by a series of DDoS attacks. The attacks, earlier said to be emanating from North Korea, was traced yesterday by a Vietnamese researcher to a server of a UK-based IP television company in the UK.
Also this week, an attacker who defaced the Web site of Turkey’s embassy in China on Monday left behind a pro-China note as the two countries worked through a diplomatic spat. The Web site is also loading slowly, possibly signaling a DDoS attack.
The attacks are apparently retaliation for Turkish criticism of China over deadly riots last week, when members of the Uighur ethnic minority clashed with Han Chinese, China’s majority ethnic group. The riots in western Xingjiang province left at least 184 people dead and over 1,600 injured, according to the state-run Xinhua news agency.
Turkish Prime Minister Recep Tayyip Erdogan last week called the events “a kind of genocide,” and the country’s trade minister called for a boycott of Chinese goods. Thousands of Turks reportedly demonstrated in support of Chinese Uighurs over the weekend.
The message left on the defaced Turkish embassy Web site demanded that Turkey not meddle in Xinjiang affairs, which it called China’s “internal matter,” according to a screenshot on the Web site of China’s state-run Global Times newspaper.
China cut off Internet and mobile phone service in Xinjiang after the riots last week to prevent further unrest. It also blocked social Web sites including Twitter and Facebook across the country. Turkish cyber attackers have targeted Chinese Web sites before, though hacking between the countries has not been a hot-button issue.
Most businesses and governments in North America are ill-equipped to repel such assaults, according to Kevin Coleman, senior fellow and chief strategist of the Technolytics Institute, an independent technology and security management think tank based in McMurray, Penn. A co-author of three books Coleman has briefed members of U.S. Congress- both the House and Senate.
Coleman said North American e-businesses could lose in excess of $400 million each day should such an attack bring down Internet services here.
“The failure of government agencies and enterprises to address such threats might be blamed on prevailing business attitudes and complacency,” said Coleman, former chief strategist for Netscape Communications.
For instance, he noted that North American businesses spent more than $17.5 billion in security alarms for their buildings, but only $6.2 billion on information security measures.
“Many IT organizations will tell you either the threats are too far fetched or that they’re adequately protected,” Coleman said.
Deibert and Rafal Rohozinski is a principal of The SecDev Group, have the following proposal for the Canadian government:
1. Canada should leverage its position among the G-8 to convene a meeting of major powers to formulate a Treaty of Cyberspace recognizing that this domain is now of equal importance to that of land, air, space and sea. The preamble of this treaty should make it clear that cyberspace is a valuable global commons that should be protected and preserved for citizens of the world
2. Canada should take a leading role in defining international mechanisms for dealing with cyber incidents at a global level, including: cyber crime, denial of service attacks, viruses and cyber espionage networks of the type we encountered in Ghost-Net. None of the existing institutions — from Interpol to the Cyber crime Convention to NATO’s CyberCentre of Excellence to The ITU’s IMPACT — are properly established or mandated for the exchange of information and best practices required in this area
3. Canada needs a foreign policy that explicitly includes cyberspace as a means for projecting Canadian values. This should include research and development into cyber technologies that promote free speech, privacy and access to information.
(With files from Owen Fletcher, IDG News Service – Beijing)