Showing posts with label China. Show all posts
Showing posts with label China. Show all posts

Tuesday, December 4, 2012

Hacking the Hackers


The Los Angeles Times reports on a new online security company called CrowdStrike founded by the former chief technology officer at McAfee Inc., George Kurtz.  Also joining CrowdStrike is the former head of the FBI's Cyber Crimes Division, Shawn Henry.
CrowdStrike is at the forefront of a novel business model for cybersecurity, one that identifies sophisticated foreign attackers trying to steal U.S. intellectual property and uses the attackers' own techniques and vulnerabilities to thwart them.  The firm is marketing itself as a private cyber intelligence agency, staking out networks to catch infiltrators, assembling dossiers on hackers and fooling intruders into stealing bogus data.
CrowdStrike, which employs Chinese linguists and former U.S. government agents, also has identified Chinese hackers using clues in their malware.   It then profiles them — complete with real names and photos — using information gathered from a variety of sources.
That has helped the company, for example, identify a Chinese hacker who targeted financial institutions and tends to seek merger and acquisition information.  Profiles enable a more targeted defense by helping CrowdStrike know when an attacker is likely to strike, how he communicates, what malware he uses and how he tries to take the stolen data.
Some experts believe CrowdStrike and other companies should be able to "hack back" by, for example, disabling servers that host cyber attacks, whether they are in the U.S. or abroad.  But this approach is not without critics, who worry how far companies might go down the road of cyber vigilantism.
The Justice Department has said hacking back may be illegal under the Computer Fraud and Abuse Act, a 1996 law that prohibits accessing a computer without authorization.  Many lawyers liken it to the principle that a person can't use "self-help" to legally break into his neighbor's house, even if he sees his stolen television in the neighbor's living room.

But what happens when the authorities themselves are unable, or unwilling, to cope with the threat that such hackers present?  

Critics worry that third party servers may be affected, or that attacks on Chinese or Russian-controlled computers could trigger an international incident.  What do you think?



Monday, August 20, 2012

China Accuses U.S. of Waging an "Invisible War" on the Internet


The Chinese government has demanded that the U.S. cede control of the Internet, accusing it of waging an "invisible war" against its enemies on the web.

In an article appearing in China's official newspaper, China accuses the U.S. of conducting a "pre-emptive strike" by refusing to give up control of the Internet in the name of protecting what it calls a “global resource.”

China claims that the U.S. has taken unfair advantage of its control over the Internet to launch an "invisible war" against its enemies, and to intimidate and threaten other countries.

The article cites as an example how, during the Iraq war, the U.S. government in 2003 asked ICANN to terminate all services related to Iraq’s TLD “.IQ” leading to all websites linked to such domain names disappearing overnight.

The article also points out that 10 of the Internet's 13 root zone servers are located within the U.S., allowing the federal government to "supervise the Internet for national security reasons" under U.S. laws.

By doing so, however, China argues, the U.S. federal government actually gains access to all information transmitted online while "other countries can do nothing about it."

As a "big country on the Internet," China says that it "opposes the U.S.' unreasonable and unilateral management of the Internet" and seeks to work with the international community to "build a new Internet governance system."

Thursday, July 26, 2012

Egyptian Olympians Sporting Counterfeit Uniforms

The Huffington Post is reporting that Egypt, in understandably dire economic straits given its recent political upheaval, chose to save some money by purchasing its London 2012 Olympic uniforms from a Chinese supplier.


That regrettable decision has led to the Egyptian Olympians being decked out in wholly counterfeit apparel that display both fake Nike and adidas logos.


Nike has brought the issue to the team's attention, and has raised valid safety and quality concerns about the counterfeit apparel.

Sunday, July 15, 2012

Congressional "Outrage" Over Chinese-Made Ralph Lauren Uniforms?

American politicians, including Senate Majority Leader Harry Reid (D-NV), expressed "disgust" and "outrage" that Ralph Lauren's sartorial donation to the 2012 Olympics were made in China, and demanded that the uniforms be "burned."

But where is Congress's disgust and outrage about this alarming trend?



I would also point out that Ralph Lauren is one of America's iconic and most successful designers, who has done more for promoting American fashion and supporting the American Olympic team, than all of Congress combined.

Saturday, July 7, 2012

Internet Independence Declared, But the War to Regulate the Internet Has Only Just Begun

Wikipedia, Yahoo, Google and Facebook are among the usual suspects that have successfully galvanized public opposition to proposed online regulations.  The same cast of characters recently declared an Internet "Day of Independence."  But those seeking to enforce existing laws and enter into treaties regulating the Internet are finding themselves facing even more formidable foes – ranging from China to the U.S. Federal Reserve Bank.  And all signs suggest that the war to regulate commerce on the Internet has only just begun.


Part I:  Early Attempts at Regulation


Having been accused of aiding and abetting trademark infringement by jewelry icon Tiffany & Co., online auction site eBay successfully convinced the U.S. Court of Appeals for the Second Circuit that it was not vicariously responsible for the multitude of counterfeit Tiffany products that were being sold through its popular trading platform. Rather, the appeals court held that the onus lies on the brand owner to diligently police its marks against counterfeit items sold by eBay users.

After the eBay decision, brand owners’ focus began to shift away from eBay when seeking to stop the online sale of counterfeits, and began to focus more on websites and China-based “trading boards,” such as Alibaba, TradeTang, DHGate, Taobao and others. “Posting on these heavily-trafficked wholesale sites, a manufacturer located in mainland China or Hong Kong can make and sell hundreds of thousands of counterfeit products per week, and ship to distributors located all around the globe.  His sales make ten thousand listings for counterfeit goods on eBay seem like small potatoes in comparison,” says one source familiar with the Chinese trading sites.

As China’s online infrastructure expands, so too does the number of trade board users.  According to estimates, China now has 1 billion mobile phone subscriptions, but only about 14 percent of these already operate on China’s faster 3G networks, a number that will only increase as that nation invests in cellular infrastructure.

As a result, international trading boards run by Chinese Internet giant Alibaba Group are gearing up for an explosion in the number of consumers using their smartphones and tablet devices to buy products online in the next two years.  For example, Taobao Marketplace and Taobao Mall, which between them account for more than 400 million users, are already reporting a rapid sales growth by means of their iPad and iPhone applications.


Part II:  The Empire Strikes Back

The Chinese government has not sat idly by while its growing online companies are accused of harboring online counterfeiters.  When the U.S. Trade Representative recently listed Alibaba’s Taobao online retail site as one of the world’s most notorious markets in a U.S. government report, China’s Ministry of Commerce shot back with a vigorous attack:  “Since there is no conclusive evidence, there is no detailed analysis, this is very irresponsible and not objective,” said China Ministry of Commerce spokesman Shen Danyang.  “China believes the U.S. should … make fair assessments and avoid creating unnecessary negative effects for Chinese companies.”

In response to the mounting pressure, Alibaba hired high-powered lobbying firm Duberstein Group, and former Bush White House trade official James Mendenhall, now a partner at First Lady Michelle Obama’s former law firm Sidley & Austin, to represent Alibaba Group in talks with the U.S. government and industry groups.  These measures have already improved Alibaba Group’s image.

But an increase in the number of recently filed court cases suggests that the number of Chinese merchants that are actively trafficking in counterfeit goods on the Internet, through the use of “rogue websites” operating under spurious domain names incorporating trademarked brands, continues to skyrocket.

According to brand owners, “rogue websites” are unauthorized e-commerce sites that mimic legitimate channels of trade.  Consumers are lured to these sophisticated and well-designed websites that are replete with corporate advertising, credit card logos, and other indicia of legitimacy.  These sites often call themselves “sale outlets” in order to suggest that their merchandise is authentic.

However, such sites are actually devoted to illicit conduct, typically trafficking in counterfeit products, or offering illegal downloads of pirated music, movies or software.  These sites are also sometimes also used to steal consumers’ identities when the consumer reveals credit card information to make purchases, according to experts.  The U.S. Chamber of Commerce notes that studies demonstrate the dire implications and consequences of rogue websites distributing their illicit goods and illegal content to consumers.

Part III:  The Long Arm of the United States


In response to the growing problem, U.S. law enforcement and brands alike have taken concerted legal action against thousands of such sites in recent months. Similarly, the U.S. Department of Justice’s recent international raids on MegaUpload sent the signal that the federal government does not perceive online digital piracy of movies and music to be a victimless crime.

But following through to see these complex cases to completion is another story.  First, online distribution networks are fluid, and the common ownership and control of rogue websites is very difficult to trace and track down, requiring constant monitoring.  For example, forensic investigators using advanced data-mining software programs such as RogueFinder are able to link dozens — even hundreds — of seemingly unrelated domain names and websites.  This careful research can thereby lay the foundation to properly sue the anonymous entities operating a vast number of infringing websites, but also illustrates the enormous challenge of monitoring online counterfeiting networks that not only grow exponentially but are also in a constant state of flux.

Using this type of data, federal courts in New York, Florida and Nevada have ordered thousands of domain names and corresponding websites to be taken down, and handed over to intellectual property owners.  But Internet counterfeiters can simply shift the infringing content to new websites with new domain names only days later, brazenly hawking the same counterfeit products in open violation of court orders.

Second, no longer relegated to dimly lit basements and backrooms in factories, some accused infringers are now organized--and well represented.  MegaUpload’s founders have showed up in federal court in Virginia represented by mega-firms Hogan Lovells, Squire Sanders, Sidley Austin, and most recently, Quinn Emanuel. 

And their high-priced legal representation has paid off, so far.  The Quinn Emanuel lawyers have already raised questions about the procedural aspects of the Justice Department’s MegaUpload seizures, and have cast serious doubt on whether New Zealand’s arrest warrants will even stick, undoubtedly giving Justice Department lawyers heartburn.  “I frankly don't know that we are ever going to have a trial in this matter,” District Judge Liam O’Grady said to a Justice Department prosecutor at a recent hearing in the case.



Part IV:  "Follow the Money"


Law enforcement authorities have realized the critical importance of regulating online payment processing—which is essential to Internet counterfeiters’ business model—but have found it equally challenging to monitor and seize cash flows associated with the purchase of counterfeit goods online.

In April 2012, the U.S. Department of Justice and U.S. Immigration and Customs Enforcement seized more than $896,000, plus the domain names of seven websites accused of selling counterfeit sports apparel. Aggressively using anti-money laundering statutes in conjunction with the PATRIOT Act’s specific provisions giving the federal government jurisdiction over “Interbank” accounts, the Justice Department was able to use warrants to allow the U.S. to seize $826,883 that had been transferred from PayPal accounts to Interbank accounts held by Chinese banks in the U.S.

However, while the PATRIOT Act gives Justice Department lawyers a powerful weapon, no such provision exists in U.S. law for intellectual property owners acting on their own in civil cases.  In fact, some intellectual property owners have been stymied in their ability to even gather insight into the finances of international counterfeiters from international banks operating in the U.S. itself.

In one such case, Tiffany & Co. alleged that major Chinese state-owned banks maintain bank accounts for counterfeiters in China that ship fake designer goods into the United States.  The three accused banks - Bank of China, China Merchants Bank and the Industrial and Commercial Bank of China - all have branches in New York City.  The luxury-goods maker had petitioned to have the Chinese banks freeze assets in accounts owned by the alleged counterfeiters and turn over information about the clients to their attorneys.

However, the banks’ lawyers pointed out that the Federal Reserve, which regulates New York-based branches of foreign banks, supports the notion of treating each branch as a “separate entity,” and the idea that New York branches of foreign banks cannot be used as conduits through which to export American laws abroad.  A lawyer for the New York Federal Reserve had presented an oral argument in a similar case involving offshore accounts, warning that a decision in favor of disclosure could spark “a global asset hunt” in the New York court system, according to a court transcript.

In fact, an amicus brief the Federal Reserve Bank filed became part of a series of arguments in the Tiffany case that led District Judge Pauley to rule that Tiffany needed to seek information from the banks’ headquarters in China – and not in a New York courtroom.

However, just weeks after the Tiffany decision, another judge in the same courthouse, faced with essentially identical facts, held that luxury brand group Gucci America, Inc., was entitled to information held by Bank of China and other Chinese financial institutions, and that those banks were required to freeze the defendants’ assets. This matter is currently before the Second Circuit Court of Appeals, which is now charged with resolving the contradictory rulings

It is clear that a simple legal solution to bringing the Internet in line with established laws and traditional norms of intellectual property ownership is simply not in the foreseeable future.   Beleaguered intellectual property owners, faced with such significant opposition, must both adapt their existing business models, and continue to lobby for the passage of more creative laws as well as aggressive application of existing laws.  However, doing so will likely place them in a protracted battle with political and commercial forces far more powerful than they may have ever bargained-for.

And that is just the beginning.