China Watch Blog

China Watch Blog has learnt that Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced that it has issued a number of recommendations that organizations can use to validate their DDoS defenses, as well as protection services they receive from mitigation providers.

“Making sure a provider can actually deliver on the level of service it promises is a critical step that many organizations overlook,” said Stuart Scholly, president at Prolexic. “Mitigation failure is such a common problem that the majority of Prolexic clients came to us after the DDoS protection they had in place did not work.”

Prolexic recommends that organizations work closely with their DDoS mitigation provider(s) to complete a professional, planned provisioning and service validation. The only way to be sure that DDoS protection will be effective is through proactive validation against different types of attack scenarios.

Prolexic recommends the following best practices for DDoS mitigation service testing and validation:

· With the DDoS mitigation service active, verify that all applications are performing properly.

· Verify that all routing and DNS is working.

· In partnership with your mitigation service provider, generate a few gigabits of controlled traffic to validate the alerting, activation and mitigation features of the service.

· Test small levels of traffic without scrubbing and without any DDoS protection to validate that your on-premise monitoring systems are functioning correctly. This action will also help you identify the stress points on your network.

· Conduct baseline testing and calibrate systems to remediate any network vulnerabilities.

· Schedule validation tests on a regular basis (yearly or quarterly) with your DDoS mitigation service provider to validate that the service configuration is still working correctly – and eliminate the risk of network element failures due to DDoS. If network issues arise during testing, your service provider may need to make modifications based on recent changes to your network, such as modified firewall rules, firmware updates and router reconfiguration.

“Based on the test results, Prolexic also recommends developing a mitigation playbook as part of an incident response plan,” said Scholly. “This helps ensure that everyone in the organization knows what to do and what to expect if an attack strikes.”

Additional DDoS service validation recommendations and guidance on how to develop a DDoS mitigation playbook can be found in Prolexic’s latest white paper, “Planning for and Validating a DDoS Defense,” which can be downloaded for a limited time from www.prolexic.com/planning.

China Watch Blog reports that China’s e-commerce economy will grow nearly six times by 2020 as more retailers and vendors tap online shopping to lure consumers.

The e-commerce economy – including online transactions and the e-commerce related service industry and information technology infrastructure – will reach 43.8 trillion yuan (US$7.1 trillion), with the majority made up of enterprise transactions of 33 trillion yuan, according to a Shanghai Daily report.

The value of online retail sales, from individual and enterprise sellers, may reach a combined 10 trillion yuan by 2020, Alibaba Group Research Center said in a report yesterday.

Though e-commerce retail only accounted for 6 percent of China’s overall economy in 2012, the figure is seen to reach 16 percent by 2020 due to its huge growth potential as vendors move to the virtual world to lure shoppers, the report said.

Last year, Alibaba Group’s retail arm Taobao and Tmall recorded more than 1 trillion yuan of sales, 10 times their transaction size in 2008.

China is set to become the world’s largest online market whose size may exceed US$420 billion and rise to US$650 billion annually by 2020, McKinsey&Co said in a report in March this year.

China is home to the world’s largest Internet user base of over 560 million and a younger generation of consumers who shop by clicking their mouse.

China Watch Blog has learnt that three months from now, Yahoo will shut down its Chinese email service, meaning that millions of users here will have to prepare for an alternative. But that in fact is a very small number as the American conglomerate only holds less than 2 percent of the market share in China against tough local competition.
Wang Yan, 28, has been using her Yahoo account for more than 10 years. It was in fact the first email address she ever had.

“I started using Yahoo in college. But eventually more choices came along and now I’m also using many more accounts such as qq and gmail. I don’t think I’m going to move my email content like Yahoo has suggested. It’s too much trouble,” Wang Yan said, Xinhua news agency reports.

Users are advised to register with AliCloud, before the service is completely closed on August 19. The recommended product is run by Alibaba, which became yahoo China’s parent company in 2005, after reaching a deal with the American headquarters.

China has some 200 million email users, and nowadays it’s rather common to have multiple mailbox accounts, as consumers’ demands are changing all the time. Wang Yan’s husband Wan Quan is also one of yahoo China’s users who’ve been slowly driven away by its competitors.

“The closure won’t affect me too much and I’ve migrated my account to alicloud. I chose yahoo China ten years ago because at the time there weren’t many other free and quality options, but now I also use qq because it makes sending super size emails easy,” Wan Quan said.

According to statistics, currently the top five e-mail services are all provided by domestic companies. Tecent QQ, Sina, and Sohu are some of Yahoo’s most outstanding rivals. Not only has its email service rank dropped from number four to six from last year, its mainland employees have also been reduced by two thirds to about only 200 today, leaving just about some 30 people running the email service in China.

China Watch Blog has learnt that Alibaba Group Holding Ltd, China’s biggest e-commerce company, plans to step up efforts to fight counterfeiting, which the company head says is the biggest obstacle for its future development.

China Daily reported that the Hangzhou-based company will spend “as much as it can” to tackle counterfeiting problems on its e-commerce websites, said Shao Xiaofeng, Alibaba’s chief risk officer.

The company will set up a committee for intellectual property rights protection this year, which will have Lu Zhaoxi, its new CEO starting on May 10, as head and Alibaba’s different business division leaders as members, Shao said.

The effort came after the company was removed from the United States’ yearly list of the world’s most “notorious markets” last year because of its improvement in reducing counterfeits.

“I am afraid that something we notice but don’t prevent today will eventually grow into a cancer for a company’s future development. … That’s why I think I will surely regret it if we don’t do well in fighting counterfeits,” Ma Yun, Alibaba’s chairman, said at his last news conference before he officially steps down as CEO on May 10.

About 2,000 employees at Alibaba are responsible for protecting intellectual property rights.

Last year, Alibaba dealt with 94 million items that infringed copyrights and handed out punishment 900,000 times, it said.

In the first three months of this year, China’s public security organs have dealt with 3,747 counterfeit cases, which involved a total value of 24.2 billion yuan ($3.91 billion), said Meng Qingfeng, head of the Economic Crime Investigation Department of the Ministry of Public Security.

In December, a report from the United States Trade Representative said that Taobao, owned by Alibaba, “has worked with rights holders to significantly decrease the listing of infringing products for sale through its website, and has committed to continue working to streamline its complaint procedures to further reduce listings of counterfeit products”.

China Watch Blog has learnt that in one of the most stunning, non-progressive moves seen from a technology company, Yahoo! has banned working from home. The justification was to improve speed and quality by working side-by-side as one. This begs the question – is the issue really virtual work or the lack of good management coupled with an inability to capitalize on the virtual work environment?

There is a New Currency:

The truth is that the new currency for top tier talent is freedom. These people came to the realization long ago that gold-watch retirements are a thing of the past, and to ensure a long-term career meant taking matters into their own hands. Since the benefits offered by corporations such as insurance and paid vacations are not part of this new world of work, freedom and flexibility became the desirable traits.

Spend the New Currency with Better Management:

Progressive companies attract creative, productive talent with the way they “manage people,” which truthfully is not to manage people at all. Rather than buy into the “productivity can only be seen” mode of thinking, companies that embrace the virtualization of work product attract that always sought after motivated self-starter.

To capitalize on this new work currency, companies must:

• Manage the process and outcome, not the people.
• Utilize more peer to peer management to encourage collaboration.
• Invest in cloud technology to manage projects.
• Understand virtual collaboration both from a technology and communication standpoint in order to get the best ideas.
• Physical presence does not improve creativity. Creative people engaged in the idea and committed to a solid outcome do.

$2 Bills Seemed Like a Good Idea at the Time:

Forcing people to return to a cubicle breeds a level of mistrust. Obviously those who have enjoyed the freedom of virtual work environments will feel that they are not empowered to perform their job on their own. The top tier talent won’t make the cubicle walk of shame. They will simply find another place to commit their talents. Only those who feel they do not have a choice will succumb.

About The New World of Work: From the Cube to the Cloud:

The New World of Work: From the Cube to the Cloud is the new, eye-opening book that underscores startling statistics about the global labor force. The New World of Work provides the knowledge to propel careers and businesses forward with a better understanding of next-generation work by explaining how to become a Virtualpreneur™ and highlighting how businesses can compete for virtual talent. Learn more by visiting www.newworldofwork.com.

China Watch Blog has learnt that Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, released results of a website performance case study that documented variations in load times during live DDoS attacks.

The study tracked performance of two financial institutions; one website had average website load times of two seconds or less, while the other experienced multiple site outages and lengthy delays in server response times.

The headline-making attacks were publicly announced on underground hacker sites before they started. Based on that information, Prolexic was able to track the same DDoS attack against two financial services companies simultaneously.

One firm used Prolexic’s PLXrouted DDoS protection service while the other financial institution was engaged with another DDoS protection provider. Response time – how long a page takes to load on a website – was tracked for both firms using the Compuware Gomez Application Performance Monitor, from multiple worldwide locations.

Data shows that the user experience was far superior with Prolexic. The Prolexic client suffered zero outages and pages typically loaded in a tolerable two seconds, even though the financial services firm was under a significant DDoS attack. In contrast, the firm that did not use Prolexic suffered three separate outages and website users had to endure page-loading times as high as 50 seconds in some cases, making the site unusable.

“Minimizing the impact of an attack is job number one for DDoS mitigation providers,” said Stuart Scholly, president at Prolexic. “Even if your website is under a severe attack, Prolexic can help ensure the user experience is maintained at acceptable levels.”

The public can learn more about Prolexic’s performance under attack conditions in Booth 2539 at the RSA Conference, Feb. 25 – March 1 in San Francisco, or by viewing our website latency video at prolexic.com/latency.

China Watch Blog reports that a website specifically devoted to sharing information related to mobile development, according to website “All Things D”, seems to be the site likely responsible for hacking into recent major tech companies.

The report at All Things D says Apple, Facebook, Twitter — all hacked. And there’s probably more to come. And all of them have one thing in common, that is, they have visited this compromised website related to mobile development.

The report said after Facebook employees visited the mobile development site in recent weeks, malicious code injected into the HTML of the site used an exploit in Oracle’s Java plug-in to infect employee laptops, as the company divulged last Friday.

Though the compromised website is named at All Things website, please do not visit it as it may continue to be compromised.

China Watch Blog has learnt that Thai police have arrested three Nigerian men and a Thai woman for allegedly operating an online relationships scam and swindling eight million baht from 18 women.

The Bangkok Post reported that police arrested the suspects on outstanding warrants issued by Chiang Mai Provincial Court at an apartment in Ramkhamhaeng Soi 8 in Bangkok’s Bang Kapi district on Monday.

They seized four ATM cards, a mobile phone and a notebook containing the names of more than 100 women.

Those arrested were identified as Shinonsu Esaeokae, Chidi Enva, Pios Ennajee, and 32-year-old Thai woman Aunchittha Prasertsri, Pol Lt Gen Panu Kerdlarppol, head of the Immigration Police Bureau, told a press briefing on Tuesday.

The Nigerians would pose as wealthy people, using photos of good-looking US and European men when communicating with their targets through chat programmes and social networking websites including Facebook, Pol Lt Gen Panu said.

They web-chatted with the women for between one month and one year to convince them they loved them.

The conmen then told the victims that they had shipped valuables to them as gifts and showed them photos of the alleged expensive goods and fake invoices. In some cases, the gang claimed to have bought a house or a car for the woman.

When the shipment failed to arrive on time as promised, Mrs Aunchitta, who posed as an embassy official, would contact the victims and tell them they had to pay customs duty on the deliveries in order to receive them.

If the victims believed them, the conmen would ask the women to transfer money to them.

The internet fraud gang was believed to have 70 members and the gang’s leader was in Malaysia, Pol Lt Gen Panu said.Police investigations were continuing.

China Watch Blog reports Apple’s revenue may have missed expectations as sales of the iPhone reportedly disappointed. However, data from leading independent digital marketing agency, Greenlight, shows no slump in the number of online searches pertaining to iPhones, in the lead up to Christmas.

In fact, search volumes for the term ‘iPhone 5’ saw a dramatic 594% jump. However, the opposite was true for the term ‘Blackberry’. Just last week, its inventor, Research in Motion (RIM), showed off two new smartphones for its newly built BlackBerry 10 operating system.

According to Greenlight’s ‘Brown Goods Sector Report – Issue 14’, in November 2012, a total of 12 million searches were made on Google UK for Audio & Accessories, Cameras & Camcorders, PCs, Laptops and Tablets, Phones & Accessories and TVs & DVD Players, up 5 million on August 2012 levels.

Phones & Accessories-related search terms proved most popular. They accounted for 53% of all Brown Goods-related queries compared to 32% in August, when searches pertaining to PC’s, Laptops and Tablets dominated (48%).

‘iPhone 5’ search volumes see a six-fold rise

According to Greenlight, the term ‘iPhone 5’ was queried more than 4 million times, accounting for 34% of all Brown Goods-related searches in November, up from August’s 673,000.

In the case of ‘Blackberry’ however, the opposite was true. Greenlight’s data shows search volumes for the term totalled 246,000 compared to 301,000 in August.

Apple knocks Amazon UK off top spot to become the most visible site for Brown Goods

Greenlight also assessed which brands, retailers and review sites were the most visible in both Natural Search* and Paid Media** results and therefore had the greatest share of consideration when UK consumers searched on Google UK for Brown Goods in November.

Greenlight’s Integrated Search league table shows that Apple, which in August lay in fifth place, snatched Amazon UK’s lead to become the most visible website overall. In November, it achieved a dominant share of visibility across both the Natural Search and Paid Media listings – 60% and 72%, respectively.

Whilst Amazon UK was relegated to fourth place, it was one of just three sites that managed to hold on to a spot in Greenlight’s top ten, from August.

China Watch Blog reports that many people are unaware that cyber criminals target mobile devices – or think that putting a four-digit PIN code on their phone is sufficient protection.

But yahoo reports that cybercrime on mobiles is already real. In the UK, 22% of users report that they have received text messages requesting that they click a link or dial a number to access a ‘voicemail’ message – a common attack used by cybercriminals

App stores such as Google’s Play are also filled with ‘fake’ apps – often made to look like real hits such as Angry Birds – which can infest phones with adverts or even run up huge bills calling numbers abroad.

Mobile adware – or ‘madware’ – attacks have risen 210% in the past year, according to figures from Norton.

‘Your smartphone is as sophisticated if not more than your PC,’ says Norton’s director of security response, Kevin Haley. ‘It has all the same information, it’s got your work information and your personal information. It even has financial transactions on it. Why wouldn’t the bad guys target it?’

Safe use of smartphones will come into focus once more on Tuesday, February 5 (that is today), which is the tenth Safer Internet Day.