China urges tighter Internet security after series of data leaks

SHANGHAI Fri Dec 30, 2011 10:00am EST

A man smokes as he uses a computer at an internet cafe in Hefei, Anhui province, September 15, 2011.     REUTERS/Stringer

A man smokes as he uses a computer at an internet cafe in Hefei, Anhui province, September 15, 2011.

Credit: Reuters/Stringer

Related Topics

SHANGHAI (Reuters) - The Chinese government is working with domestic Internet search engines like Baidu Inc and Sohu.com and financial institutions to prevent phishing attacks on unsuspecting Chinese web users.

The Ministry of Public Security said on Friday it would work with 10 Chinese search engines to protect the website rankings of financial institutions to lessen the chances that Internet users will be duped by phishing websites.

A phishing attack occurs when the user is persuaded to part with his or her username and password via a fake webpage that closely resembles the original.

Through the collaboration, the official websites of several Chinese banks, such as Agricultural Bank of China and China Construction Bank will be ranked first in the search engine when a user searches for the related keywords, reducing the risk of such attacks, the Ministry said in an online circular on Friday.

The move comes after China urged tighter Internet security on Wednesday following a spate of personal data leaks that alarmed the online community and prompted calls for tougher scrutiny of who has access to online information.

On Thursday, the Guangdong Provincial Public Security Department confirmed a technical vulnerability on the website of the Division of Exit and Entry Administrative Department of Public Security for Guangdong had left the personal data of 4.4 million users exposed.

According to Chinese media, the loophole was first reported by a microblogger on Thursday and has been around since June this year.

The province's public security department said the loophole had been fixed.

China claims the most Internet users in the world at 485 million, state media reported last month. Despite widespread censorship and monitoring online, many users have been up in arms about the reported data leaks and their implications.

The user IDs, passwords and email addresses of more than 6 million accounts registered on CSDN -- a site for programmers -- were leaked, Xinhua news agency reported last week, citing an anti-virus software provider that discovered the problem. The popular social-networking site Tianya was also hit.

The Global Times newspaper on Friday described the state of Internet security in China as "very dangerous," saying the leaks had "struck Chinese society's alarm bells."

The Ministry of Industry and Information Technology said on Wednesday it would investigate the hacking incidents.

"The department believes the recent leak of user information is a serious infringement of the rights of Internet users and threatens Internet safety. The department strongly condemns such behavior," the ministry said in the statement.

China is widely suspected of being the origin of many hacking attacks on government and commercial websites abroad, but officials have repeatedly dismissed reports that the government or military could be behind such attacks.

China bans numerous overseas websites, including Facebook, Twitter and YouTube and some foreign media outlets, fearing the uncensored sharing of images and information could cause social instability and harm national security.

(Reporting By Sisi Tang in HONG KONG and Melanie Lee in SHANGHAI; Editing by Chris Lewis and Paul Tait)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (4)
@actnow:

Anonymous, which has taken responsibility for the recent high profile hacking, is neither Russian nor Chinese.

Wikileaks, which leaked more U.S. Government documents than any other precedent in history, is founded by an Australian.

I know many have pointed fingers to China or Russia for certain specific breaches in the past years, some independent groups have not corroborated with the popular conclusion that the Chinese Government is invovled. Anyhow, the Chinese Government has always denied that they are involved officially with any of the hacking, and that any such act is illegal by their laws. Anybody has reasons to doubt the honesty of the Chinese Government( just like most don’t place much trust in denials by the CIA ), however, it is woefully misrepresentation that China and Russia have “declared an open season” on US firms and our Gov’t security systems.

Anyway, for you to call on an overt criminal act against other countries, while leaving out those who have truly declared intentions and taken responsibilities for those specific actions,
is very unwise to say the least,
or may be illegal,
because any act that encourages, incite or inflame others to commit international criminal act should be sanctioned.

So I suggest that you withdraw your statements. Alternatively, Reuters should delete your post.

Dec 30, 2011 8:14pm EST  --  Report as abuse
jo5319 wrote:
@actnow:
Get lost! You have no right to promote criminal activity on Reuters!
Shame on you! You’ll only increase the cry about American hypocrisy in the international forum, as if the likes of yours haven’t done enough harm to America!

Dec 30, 2011 8:24pm EST  --  Report as abuse
PPlainTTruth wrote:
@Actnow:

What YOU should act now is:
get the best education you can,
work hard,
abide by the law,
avoid any hypocrisy.

If you have the best product, and is excelling over your competitors,
you will find that you’d somehow lose all interest in promoting lame hypocrisy.

Dec 30, 2011 8:50pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.