Online terrorist emails harass Japanese society

 　　Cybercrime is a very intractable problem for countries around the world. With the continuous advancement of network technology, the means of crime have also become diversified. Hackers commit crimes through clever computer technology. They often hide themselves in difficult-to-detect corners, and remotely control other people's computers through viruses to release false and malicious information to the network. , have a significant impact on society. Moreover, criminals who spread malicious information by remotely controlling other people's computers can also cleverly wipe out the login traces. As a result, it is difficult for the police to track down this recurring cybercrime.

　　Suspects become victims

　　Japan has many seemingly strict laws in the fields of human rights, copyright and the Internet, including content that may be sent to prosecutors as long as a "murder notice" is written on the Internet. However, for those netizens who passively commit illegal acts due to computer virus infection, if they are convicted only on the basis of appearances, it is an irony for the police's means of combating this new type of crime. Because many netizens made themselves "criminals" because hackers made Trojan virus into their computers through remote control and released malicious remarks or false information, the procuratorial organs convicted the computer owners when they could not find conclusive evidence to prove the guilt of the computer owners. , will result in a "wrongful case".

　　Since July 2012, online terrorist information has appeared in Osaka, Tokyo and Mie prefectures in Japan.

　　At 9:45 p.m. on July 29, the suspect posted a terrifying message on the homepage of the Osaka City Government, "In early August, he will indiscriminately assassinate and finally commit suicide in Nihonbashi in Osaka City." The Osaka police immediately launched a search. I found out that the username of the wireless IP who left the message was Kitamura Mako. Mako Kitamura is a senior animator in Japan. In addition to starring in "Mobile Suit Gundam 00", he has also acted in cartoons such as "Tiger & Bunny", "Yu-Gi-Oh", "Wolf Rain" and "GUN XSWORD".

　　In 2008 and 2012, there were indiscriminate killings in Akihabara and Osaka respectively. In the June 2012 murder in Osaka, "Nitro+" music producer Shingo Minano was unfortunately shot, causing social uproar. Therefore, the Japanese police are very sensitive to such crimes. After discovering the specific IP address, Osaka police arrested 42-year-old Masaki Kitamura on August 26, on the grounds that Masaki Kitamura was obstructing the work of civil servants and police by posting threats of indiscriminate killing online. On September 14, prosecutors charged Beicun for allegedly maliciously harassing the police, firefighters, and businesses. However, Kitamura insisted that he was innocent. A joint investigation by the Japan Metropolitan Police Agency and the Osaka Police Department found that in August 2012, Kitamura’s IP address also caused a flight to New York to return midway because of the false news that “I planted a bomb on the plane” to Japan Airlines. . In connection with this incident, the police suspect that the computer of Bei Village may have been infected with a new type of computer virus that is difficult to detect, and others have used its IP address to spread terrorist news. When the police focused on Beicun's computer, they found that Beicun's computer was indeed infected with a Trojan virus. On September 21, the police released Beicun, and the procuratorate also withdrew the prosecution.

　　In fact, Beicun is not the first victim of the "unjust case". On September 10, 2012, the police in Mie Prefecture discovered that an IP address had posted a message on the Internet "Blow up the Ise Shrine". Detonate the bomb placed at the Ise Jingu Shrine and kill priests, nuns and pilgrims", which made Japanese society feel uneasy for a while. Police moved quickly to conduct a comprehensive search of the IP address and quickly identified the suspect.

　　The Mie County Police found that the information came from the computer of a 28-year-old unemployed man by searching the IP address. On the 13th, after entering the room to investigate the man's computer, the police confirmed that the malicious message was sent from his computer. On the 14th, the police arrested the man. However, the man shouted that he was wronged, and his father also told the police that his son did not do such a thing. The police then recovered the emails on their computer, only to find out that the emails were infected by a new type of virus and were malicious messages sent by others through their IPs. As a result, the police apologized to the man on the 21st and released him.

　　The virus infected in the man's computer is the same as the virus in Bei Village's computer, and its concealment is very strong. According to the results of the police investigation, the virus in the computer of Kitamura and the young man belonged to the same virus, but the file size was different. The young man's computer ran slowly after being poisoned, and it seemed that the computer was being manipulated, while Kitamura's computer did not appear abnormal after the poisoning. Allegedly, the police have not yet figured out how the new virus infects the computer. As for the "unjust case" between the man and Beicun, the public asked the police to conduct a careful investigation before arresting the suspect.

　　Toshi Sonoda, a professor at the Graduate School of Law at Konan University, who is familiar with cybercrime, said: "Although we know that personal computers may be remotely manipulated by a third party through a virus, it is difficult to identify the real suspect, so the victim is likely to be regarded as the Real criminals. In the future, the police should be cautious when arresting suspects. Citizens should not open suspicious emails at will, and it is best to prevent virus intrusions by installing anti-virus software.” 　　According to

Japan’s “Sankei Shimbun”

” reported that shortly after Shinzo Abe, the president of Japan’s Liberal Democratic Party, took office in 2012, the Japanese National Police Agency and the National Public Security Commission received emails to kill him one after another. After half a month of investigation, the Tokyo police arrested 4 people in a row, and have yet to find all the computers that sent the emails.

　　According to relevant personnel involved in the search, the e-mails were received from early to mid-October, and a total of 42 emails were received. The contents of the emails are almost the same, except that "I want to kill LDP President Shinzo Abe", there are also "Because it uses another computer as a springboard, it will never be discovered" and other contents implying remote control and "Don't try to catch them." Stay with me” and other content that provokes the police. In addition, the e-mail also included "Give you some hints", and listed some Japanese passwords and numbers. In addition, from October 1st to 17th, the official website of the Liberal Democratic Party also received 15 emails with the same content. In addition to the threatening emails added by the National Police Agency from the 30th to the 31st, the number of emails threatening Abe's personal safety sent through the same server exceeded more than 65 letters. In addition to threatening Abe's emails, the computer also blogged about "killing children" and other dangerous messages.

　　The Tokyo Metropolitan Police Department believes that all the threatening emails came from a single person.

　　The threat emails were sent using a network provided by the same Internet company in Japan. So far, the Tokyo Metropolitan Police Department has only found some of the computers that sent emails by further analyzing the communication records of Internet companies. On November 1, the Tokyo Metropolitan Police Department searched and seized five computers used by a 20-year-old man and his parents and conducted data analysis on these computers to prove that the information was sent from these computers. So the police shut down the five computers, and no similar emails appeared since then. However, the police said through investigation that the three people had not sent threatening emails, and it was suspected that the computer poisoning might have been remotely controlled by others.

　　Through remote control to infect Internet users with viruses and cybercriminals to steal user information from smartphone accounts, criminal cases using network servers continue to appear, seriously endangering network security. According to the National Police Agency, there were about 660,000 street robberies in Japan in 2010, an 84% decrease from the previous year and a 10-year decline. "Criminal acts may shift from the real space to the cyber virtual space," said an official of the National Police Agency.

　　This unusual provocation to the police caused all investigators a headache, unable to find the real suspect, and the police had to swallow it up. From the point of view of catching the wrong person, the Japanese police seem to be unable to cope with the rapidly increasing cybercrime.

　　Faced with this situation, the Tokyo Metropolitan Police Department and the "Internet Security" company, a non-governmental organization specializing in computer viruses, began a joint investigation. On October 23, 2012, the Tokyo Metropolitan Police Department, experts and technicians held a seminar on virus crime countermeasures for the first time. The participants expressed that they would jointly discuss countermeasures to prevent and combat computer virus crime in the future. The head of the Tokyo Metropolitan Police Department said: "The technology of civil organizations is constantly improving. I hope they can quickly make up for the shortcomings of the police in investigation."

　　Since the real criminals pass through multiple servers abroad, they use a software that can communicate anonymously. " Tor" to distribute terrorist information, making it difficult to trace its specific IP address. The officer in charge of the police search also said that "it may not be possible to locate the real suspect". However, cybersecurity companies such as Trend Micro and McAfee, which participated in the virus crime countermeasures seminar, have signed agreements for joint investigations with agencies such as the FBI outside Japan, through which companies may be able to Find the real criminal. The officials of the Tokyo Metropolitan Police Department expressed hope for the cooperation between the government and the public. He said: "I hope that the directors of the families will find the real criminals." The United States launched an investigation. The Tokyo Metropolitan Police Department will also send investigators to Europe in light of the possibility that hackers may conduct remote virus control through European countries such as Germany.

　　At the same time as the police began to act, the Japanese government also called on Internet users themselves to pay more attention to their own network security. "Cybercrime in Japan mainly harms users through pay-for-scam fraud and fake anti-virus software," said Kazuo Tagaya, head of the network sharing section at Trend Micro, which specializes in antivirus software. "Pay-for-scam refers to users infecting computers by clicking on links. Viruses. This kind of virus is more common in pornographic websites. The crime of fake antivirus software refers to the behavior of luring users to install antivirus software to defraud fees and steal personal information.”

　　For these common cybercrimes, Taga proposes some preventive measures. For example, buy antivirus software from regular channels and update it frequently, do not easily open attachments in emails sent from unfamiliar addresses, do not click on links on websites where you can leave messages anonymously, and use those with minimum limits when shopping online. credit card etc.

　　Countermeasures against cybercrime

　　According to the "Sankei Shimbun" and other media reports, Japan's Ministry of Internal Affairs and Communications has allocated a budget of more than 1 billion yen three years ago to develop an automatic identification software to automatically detect similar online murder notices or "lotus". Root” (pistol), “bean” (bullet) and other criminal information implying arms transactions, and promptly notify network operators. This automatic notification software is called "announcement.in", and the Ministry of Internal Affairs and Communications will invest hundreds of millions of yen in this research this year. It is said that this kind of software can digitize the implied language, and has the function of analyzing the entire information content of the email through "natural language technology" to determine whether it has a criminal element. Although the overall budget and development time are not specified, the Ministry of Internal Affairs and Communications said the software "can eliminate the need for manpower to detect the network and mechanically extract illegal or harmful information from it, so that the efficiency of case determination can be rapidly improved."

　　Because criminals spread malicious information through servers in multiple countries, their concealment is very strong, and the police are helpless about the attacker's motives and how to track the real sender. The person in charge of the search at the Osaka Prefectural Police Department shook his head and said, "We still don't understand why the criminals do this." Usually, the remote control crimes using other people's computers are almost all illegal funds obtained from online banking, but The attackers did not show this desire this time.

　　According to the police, the virus that poisoned the computers of Kitamura and others this time was a virus called "Trojan Horse" with the file name "iesys.exe". When the user opens this kind of file, the computer will be poisoned, and the operator can see the user's keyboard operation and browse the homepage at any time. Moreover, the criminal can also steal the user's online banking account number and password. However, when the Osaka police investigated the computers of Kitamura and others, they found that the criminals did not steal their online banking accounts. Therefore, the police believe that the hacker may use this to disrupt social order.

　　However, according to Trend Micro, when illegal information is entered on a virus-infected computer, the computer automatically alerts a "writing has ended" instruction, and the displayed text is in Japanese. For this reason, the police speculate that the criminals may be Japanese. However, according to this clue, the police arrested the wrong person. Because the criminals are remotely controlled through servers in five countries, including Switzerland and Liechtenstein, the police must use the servers of these countries that do not actively cooperate to find the real sender. Moreover, even if these countries actively cooperate, it is still necessary to track the specific sending IP through a special communication line. The expert sighed: "Only people who are familiar with communication functions know how to use special lines." Since the use of special communication lines requires analysis of huge data, doing so is tantamount to looking for a needle in a haystack. The police officer in charge of the case investigation said: "It is extremely difficult to target criminals."

　　Although the Tokyo Metropolitan Police Department has also set up a network security company and an association, and has begun to solicit opinions from the public to search for criminals, there is still no clue. Moreover, this method is only effective for a while. In the long run, the Japanese government needs to strengthen the training of search server talents. If a plan for cultivating talents is not made quickly, I am afraid that the search for cybercrime will fall into a more passive situation.