US slams Vietnam internet censorship laws despite PRISM web monitoring hypocrisy

The US has attacked Vietnam over its plans to introduce laws to control and monitor the type of material citizens can publish and share online, claiming that they contradict basic human rights.
The calls may raise criticisms from web freedom advocates, as they come in the wake of revelations of huge-scale internet monitoring by the US under its PRISM programme, which was also slammed as a potential breach of human rights.
The law, called Decree 72, is set to come into force on 1 September, and covers the “management, provision and use of internet services and online information” in the country. This includes banning the publication of material relating to the government or that "harm national security".
However, the US Embassy in Vietnam has hit out at the plans, urging the nation to “respect the right to freedom of expression” and allow its citizens to use the web as they wish, as outlined under human rights laws.
“Fundamental freedoms apply online just as they do offline. Decree 72 appears to be inconsistent with Vietnam’s obligations under the International Covenant on Civil and Political Rights, as well as its commitments under the Universal Declaration of Human Rights,” the US said
“We are deeply concerned by the decree’s provisions that appear to limit the types of information individuals can share via personal social media accounts and on websites.
“In addition, this decree will limit the development of Vietnam’s budding IT sector by hampering domestic innovation and deterring foreign investment.
The decision was also condemned by the Asia Internet Coalition, with its executive director John Ure writing that it was “unfortunate” that the country had taken such “a restrictive policy approach towards the management of the internet”.
“We believe that the decree will negatively affect Vietnam's internet ecosystem,” he said. “In the long term, the decree will stifle innovation and discourage businesses from operating in Vietnam, thereby hindering Vietnam's goal to establish itself as an advanced competitive ICT nation.”
The statements are ironic given that the US has recently been found to be monitoring billions of internet messages under its wide-ranging PRISM programme. This has been used to capture huge amounts of data on web communications and the US is even reported to have paid the UK to do similar work.

Criminals hosting child pornography on 227 business websites

Businesses' website are being illegally hijacked to forcibly store child pornography, according to the Internet Watch Foundation (IWF), in what security researchers believe could be a ransomware scam.
IWF technical researcher Sarah Smith uncovered the alarming trend after 227 small to medium-sized businesses, including a furniture store, reported falling victim to the attack.
She explained that the hack caused unsuspecting web users looking at legal adult content to be forcibly redirected to the business sites hosting the images.
"We hadn't seen significant numbers of hacked websites for around two years, and then suddenly in June we started seeing this happening more and more. It shows how someone, not looking for child sexual abuse images, can stumble across it," Smith said.
"The original adult content the internet user is viewing is far removed from anything related to young people or children."
The motivation for the attacks remains unknown, though Smith confirmed the IWF is tracking the movement of the attacks and is working to trace its origin.
"We've received reports from people distressed about what they've seen. Our reporters have been extremely diligent in explaining exactly what happened, enabling our analysts to retrace their steps and take action against the child sexual abuse images. Since identifying this trend we've been tracking it and feeding into police forces and our sister hotlines abroad," she said.
F-Secure security analyst Sean Sullivan told V3 the attack is likely the first stage in a wider campaign. "If this is in any way prevalent, I would suspect it is part of a ransomware or blackmail scheme," he said.

"From what I've read, malware is also pushed by the 'orphan' folder on the hacked site. And then – if a ‘police' ransomeware notification shows up a week later demanding that the victim pay a fine – I would very strongly doubt that the victim will seek tech support help, because they'll have seen an obscene image recently.
"The only other motivation that I can think of is some elaborate plot to publicise the need for a UK porn filter as 'porn' can lead to child abuse images. But I don't see why somebody would do that, as the government is already moving in that direction."
Independent security expert Graham Cluley mirrored Sullivan's sentiment confirming that the evidence suggests the attacks are not designed just to spread child pornography.
"I think it is unlikely that the offending images have been planted on the legitimate websites for the purposes of delivering the illegal content to paedophiles. It just doesn't seem plausible to me, and the chances for being discovered are too great," he wrote.
"Wouldn't it be an altogether more convincing and successful scam if the victims had been visiting adult websites, and found themselves unexpectedly looking at child abuse images? What better way to scare someone into paying a ransom than to tell them that they have been spotted accessing child pornography?
"Many people who receive a message like that would be petrified of contacting the police to check if it's true, or taking your PC down to the local computer store to be checked over."
Ramsomware is a dangerous form of malware that locks victims' computers and instructs them to pay a "fine" to have them unlocked. The malware has been a growing problem for firms, with new scams appearing on a near daily basis. Most recently ransomware posing as the US Department of Homeland Security and FBI were uncovered targeting unwary web users.