Feeds

Beyond the Great Firewall: China's global censorship campaign

Web blocks, DoS, phishing the price hacks pay for negative China stories

Combat fraud and increase customer satisfaction

China’s fearsome censorship apparatus is increasingly expanding beyond the confines of the Great Firewall to influence media outside its borders, often by online attack, according to a new report from a US Congress-funded think tank.

The Long Shadow of Chinese Censorship (h/t WSJ) by Freedom House analyst Sarah Cook is a report for the Center for International Media Assistance, part of the Congress-backed non-profit National Endowment for Democracy.

China’s increasingly proactive stance on how it’s portrayed outside the country comes in response to its tech-savvy citizens' growing desire to circumvent the Great Firewall to read international coverage, and Beijing's intensifying soft power battle with Washington.

The report continued:

Since coming to power in 1949, the Chinese Communist Party (CCP) has constructed a multi-layered system for censoring unwanted news and stifling opposing viewpoints within China. Over the past two decades, this domestic apparatus has spawned mechanisms that extend some censorship to media outlets based outside China. Reflecting the adaptive nature of Chinese authoritarianism, such pressures are a complex mix of overt official actions and more discreet dynamics.

China's efforts can be split into four distinct areas: direct action from Chinese officials to prevent negative articles being published and punishing media owners that disobey; economic ‘carrots’ and ‘sticks’ to induce self-censorship; indirect pressure by advertisers, foreign governments and others; cyber attacks and physical assault.

The report claimed that different strategies are used for different geographies and situations.

For example, Chinese language media owners outside of the PRC have been rewarded with lucrative advertising deals and other incentives for positive reporting, while for non-Chinese language outlets in Asia, Latin America and Africa local government officials are often approached to restrict damaging reporting, Cook said.

It continued:

Cyberattacks have been directed at broad targets (such as the global servers of international outlets or foreign hosting providers) as well as specific ones (individual journalists or overseas news websites).

Some of the biggest cases of late include the New York Times, Washington Post and Wall Street Journal revelations earlier this year that they had been the victim of sophisticated attacks launched from China.

However, the report claimed that denial of service and phishing attacks in particular are a continuous threat for smaller, mainly Chinese language outlets such as Boxun, China Digital Times and New Tang Dynasty Television.

This is “one of their key on-going challenges and expenses”, it said, although attacks are often stepped up at politically sensitive times such as April 2012 when the scandal of disgraced Chongqing party leader Bo Xilai first broke.

Web blocking is also used by the party inside China in order to punish and put pressure on media owners outside, the report claimed.

After the New York Times published reports about the large financial wealth accrued by family of Xi Jinping and Wen Jiabao in 2012, for example, its English and Chinese language site were blocked outright in China, rather than the specific offending pages.

The company’s stock lost 20 per cent of its value overnight and had to renegotiate advertising deals, causing further losses, the report said.

Online attacks are also carried out on international journalists inside China, of course, to the point where “computer problems” and new malware “have become routine for foreign reporters in China”, said Cook.

She clarified that although these online attacks “are not conclusively traceable to the central Chinese authorities”, they nevertheless “serve the party’s aims and result from an atmosphere of impunity for those attacking independent media”. ®

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.