Over 1000 Australian websites taken down after China-based criminal plot revealed
Over 1000 Australian websites have been shut down after it was discovered they had been set up by overseas, largely Chinese, cyber criminals. by Paul Smith http://www.afr.com/technology/web/security/more-than-1000-australian-websites-taken-down-following-chinaled-criminal-plot-20161007-grxa2o The administrator of Australian internet addresses has shut down over 1000 websites, after overseas criminals were discovered establishing a network of bogus sites to scam consumers and steal credit card details. The move represents the largest ever move against dodgy websites in Australia, and comes after the suspect activity was first picked up two weeks ago by domain name administration body auDA. The 1025 sites were predominantly based in China, however auDA said some had been identified with sources from eastern Europe, North America and central, eastern and south-east Asian regions. Following its investigations the websites, all set up in the names of genuine Australian businesses, were taken down on Friday. The sites seem criminal rather than state-based but the news will add to heightened anxiety among business and government circles about cyber attacks originating from China. These concerns have escalated since the government upset Beijing with its decision to block the 99-year lease of NSW power asset Ausgrid to either Chinese state-owned company State Grid, or Hong Kong-based Cheung Kong Infrastructure. The websites in question had all been established with web addresses ending in the .au domain, which requires the owner to have an official Australian registration such as an Australian Company Number or Australian Business Numbers. However auDA discovered the sites had been established by criminals who illegally acquired ACN and ABN details then used them to set up the sites. The sites were related to numerous business types, but predominantly small and medium-sized businesses, with low-profile existing web presences. Consumers were sold goods which they will never receive or were misrepresented, and credit card details were harvested. Large-scale operation AuDA's chairman Stuart Benjamin told The Australian Financial Review that operations of this kind usually involved one or two websites being taken down for breaching the terms of trade, so this represented a significant escalation in illegal activity. He said the nature of the scam indicated it was a criminal endeavour with a financial motive, rather than anything related to state-based involvement or espionage. "What concerns us is that it appears to have been a very targeted approach," Mr Benjamin said. "Usually it is just a mistake or a one-off case, but in this case there has been a mass registration and it is certainly the largest ever policy delete we have done." Mr Benjamin said the investigation into the identity of the criminals was continuing, and it was yet to be determined if all of the websites had been registered by the same organised crime group. The investigators are also reaching out to their equivalent agencies overseas to determine whether Australia had been singled out, with signs a major European nation had also been targeted. International sensitivity Placing the blame for such matters largely on Chinese operators can shape up as an international relations problem, and Mr Benjamin said auDA had taken steps to ensure the websites were genuinely being run from China. He said in recent times some eastern European cyber criminals had adopted a strategy of routing their traffic through China, to try to cover their tracks. "We don't believe that it is the Chinese government or anything like that, but we do believe that it is coming out of China in a mass wave," Mr Benjamin said. "A number of the websites have Chinese language components; they are using Chinese-based forms and templates and also have China-based payment gateways." He said auDA had moved to swiftly close down the sites to maintain the high regard in which the most popular Australian internet domain is held. He said consumers had learnt to trust websites that end with .au, and while it was legitimate for overseas companies to own such addresses, it needed to carefully police improper use. -- Cheers, Stephen _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
