Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

LOLCats and PC viruses - Japan gets a lesson in cybersecurity

Jay Alabaster | Feb. 25, 2013
The national police reboot their anti-hacker tactics after months of public ridicule from what appears to be a rogue hacker

National TV anchors struggle through explanations of the Tor anonymity network, while newspapers run detailed graphics on remote hacking software and the national police warn against using obscure online tools known as Syberian Post Offices.

Japan is in the midst of a cybercrime fix.

The public has been drawn in by the saga of what appears to be a lone hacker who slipped software onto the computers of innocents and used them to post fictional warnings of imminent mass murders at public schools and attacks against airplanes. He then spent months taunting authorities through emails to the national press.

After a public pursuit that included multiple false arrests, a taunting message that led to a memory card planted on the pink collar of a cat on a small island, and images posted online with their location data apparently tweaked to mislead authorities, police finally arrested suspect Yusuke Katayama, a 30-year-old slightly chubby IT worker, last week. Police seem confident they got the man responsible for it all, though some are still doubtful.

"It took so long, and it seemed as though the police were helpless to find him," said Yoji Ochiai, a lawyer and former public prosecutor who specializes in online crimes, and who also received emails from the hacker.

"This can be thought of as a major lesson for the police."

The more colorful bits of the story have trickled out through the Western media in short bytes of hacker comedy -- bungling police arrest and question the wrong guy, four times; online videos of the cat rubbing up against the legs of reporters -- but industry watchers say the ordeal has triggered real change. The public humiliation has forced Japan's National Police Agency (NPA), whose role is similar to organizations like the Federal Bureau of Investigation in the U.S., into swiftly adopting a number of reforms.

"The police made the false arrests based on the IP addresses of computers that accessed the public forums, that was the standard," said Yoshimi Usui, the director of RIIS, the Research Institute of Information Security.

"It seems they didn't even know that anonymizer tools existed."

Previous incidents have been far more serious -- the Sony gaming network hack in 2011, stolen secrets from military contractors and the space agency, online break-ins at parliament -- but nothing has captured the country's attention quite like this.

The events that led up to the arrest started in June of last year, when messages of mass killings and public attacks began appearing in online postings. After authorities arrested and released the wrong suspects, the hacker, who police now say is Katayama, chided them through emails to the press, including one that led them to the memory card on the cat. The card contained a copy of a powerful program authorities believe Katayama created and employed, which allowed him to anonymously control remote computers and make the postings.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.