Japanese police target users of Tor anonymous network

Japanese people who “abuse” the Tor anonymous browsing network could be blocked from using it.

The police in Japan have decided to target people, who are found abusing the anonymous Tor network, and block them from accessing the network. This development was reported in a recommendation made by a panel of experts from the technological to the National Police Agency, according to the Japanese daily The Mainichi. The panel, which was established with the sole purpose of coming up with new strategies for tackling crimes which were perpetrated using the Tor network. All this happened after the high profile case of the Demon Killer who used the Tor anonymous network to elude capture from authorities.

Japanese police target users of Tor anonymous network

Japanese police target users of Tor anonymous network

Tor, an abbreviation of The Onion Router, is a network which has features of anonymity for its users by redirecting the traffic to dedicated servers worldwide which provides for concealment of a user history and his location so that internet activity cannot be traced easily. The network works in layers of encryption as the name suggests i.e. like the layers of an onion peel, and the data is encrypted and re-encrypted repeatedly so that it cannot be deciphered during the transit process. The network has been around since 2002 and many versions have been released from time to time and there has been some controversy about the level of safety and anonymity on the network and its use for potentially illegal activities.

The anonymous has made investigation into cybercrime much difficult and perplexing and the noise around it was heightened during the recent case of the Demon Killer. Demon Killer, the notorious hacker who went around sending threat messages about bombing nurseries and schools on online discussion and chat forums. The Police had announced a reward of 3 million Yen or 20,000 dollars for information about the hacker’s whereabouts.  When the police arrested four suspects, they were found to be innocent victims of the hacker who had compromised their machines using the virus iesys.exe and was using them to use Tor. The hacker sent taunting emails to the Police, which included riddles which took the investigators to an island near Tokyo and finally led them to a feline wearing a collar which had a memory card on it which included details of the virus used by the hacker. He was finally apprehended by the police soon after they studied the CCTV footage of the cat in which he featured. The hacker was a worker in the IT industry named Yusuke Katayama, aged 31.

It was after Katayama’s arrest that the NPA decided to get expert guidance to nab criminals who used similar means to elude the law and set up an expert panel. The panel has recommended a ban on networks like Tor or any other network which provides anonymity to the users.

The ISPs in Japan are not apparently happy with this recommendation of the panel, and an industry insider commented in a talk with the Mainichi that “Communication privacy is our lifeline. We won’t be able to accept such a request,”

Well, the merit of this recommendation will be understood only later after more reaction is observed and the opinion of other experts in industry is sought. 

About these ads

Japan task force to fight cyber crime

Japan is going to launch a nationwide task force which is going to consist of 140 members with the intent of fighting cyber crime which has been plaguing the country for quite a while now. The force will also tackle cyber attacks originating from other countries, the National Police Agency announced on Tuesday.

Japan task force to fight cyber crime

Japan task force to fight cyber crime

The personnel who are going to be recruited in the task force will be experts in their respective fields and will possess skills in languages such as English, Korean, Chinese and Russian. Moreover, they will be deployed in many important locations like Tokyo, Osaka, and other cities, according to the statement made by the agency.

The move has been taken so as to protect national interests by providing cyber security to government organizations, defense contractors and private corporations which control infrastructural facilities like power plants and gas storage sites etc.

National Police Agency commented that the recruitment of experts in foreign languages will help counter cyber threats from other countries and these experts would “gather information on cyber attacks from abroad”. Until now, such cases were handled by provincial police departments who use to get help from specialists in their respective fields.

This move was necessitated when Japan came under attack from across the border in the September last year, which occurred when Japan decided to administer control over Tokyo governed Senkaku islands, on which the Chinese also stake a claim and call them as Diaoyus. The resultant attack was a widespread one which affected around 19 or so websites which included the websites of a government ministry, some courts, and even a medical facility. The attack was said to have been perpetrated by the Chinese state as per the statement made by the agency. In fact, Japan was victim of more than 1000 cyber attacks in the year 2012 according to the National Police Agency, and most of them had their origins in the Chinese states.

Moreover, a report by a leading US firm earlier this year also pointed towards the same fact when they said that the Chinese were investing money so as to organize cyber attacks. The report also asserted that the People’s Liberation Army was connected with a long running campaign of cyber espionage.

The effectiveness of this venture by the National Police Agency will be demonstrated only with time but it is surely a step in the right direction against the growing menace  of cyber crime.

Zeus banking Trojan targeting five major banks in Japan

Zeus, one of the most well known banking Trojans around for quite a long time is finally heading East. If reports are to be believed, the Zeus Trojan is set to target customers and at least five major banks in Japan. The malware which has affected millions of users in the United States and Europe and thousands of organizations across the globe has caused financial losses in millions. Since its inception in 2007, it has helped many cyber criminals in their illegal activities such as stealing personal and financial details of thousands of people all over the world.

Zeus banking Trojan targeting five major banks in Japan

Zeus banking Trojan targeting five major banks in Japan

The National Police Agency of Japan has been following threats related to the Zeus banking Trojan for some time now and have alerted many customers in Japan about possible intrusions. It is surprising because Japan is a country that was relatively safe from such Trojan attacks for unknown reasons, though some assert that it is possibly the language barrier that was responsible. Moreover, Symantec has also confirmed the existence of variants of the Zeus Trojan which is being used to target customers in Japan.

Zeus banking Trojan, also known as Zbot belongs to a family of malware toolkit which allows miscreants to write their own Trojan horses, software commands that appear authentic but are carrying a hidden attack. This toolkit has become much popular over the last two or three years. When Zeus Trojan infects a machine, it starts monitoring the websites visited by the users, especially the banking sites, and injects an HTML code that displays a message that prompts victims to re-enter the information they provided so as to re-register for better services and an improved customer experience. This information is requested in a form similar to that provided by banks so that the information can be stolen by cyber criminals. Its biggest feature is that one can tweak the forms to fields to forms at the browser level and then stealing the information via keystroke logging which tracks the keystrokes one makes while entering sensitive information such as account numbers and PIN etc. The ability to tweak this malware makes it stealthy and it is the reason why most anti-virus software is ineffective against Zeus.

 This Trojan is propagated through various methods, commonly phishing emails and unmonitored downloads and web links etc. and can be used to steal not only banking credentials but any type of personal information such as social networking account credentials, email passwords and usernames etc.

The ability of Zeus to dodge anti-virus software because of its adaptability has led to infection of more than 3 million users in the U.S. alone and cyber crime organizations and theft rings are always looking for avenues to spread this Trojan.

The Japanese variant of Zeus is pretty much similar to the basic Zeus toolkit only differing in the fact that it comes in the Japanese language.

The best measure for people in Japan would be to stay clear of suspicious emails and malicious links on the internet and regularly update their anti-virus software and malware detection kits.