Hacktivists use Baidu to Host Political Campaign Jul 17,2013

In early 2010, scores of Chinese men, women and children woke up to learn that their most preferred search engine has been hacked. More than ¾ of China’s online enquiries are handled by Baidu.com, and as such the company gives Google strong competition in a market where the number of internet users is 564 million. Allegedly the same group that had targeted Twitter launched an attack on Baidu rendering the search engine paralyzed for four hours. Internet users who had logged in and tried to access the website were re-directed to a page which mentioned that the site had been hacked by a group that calls themselves “Iranian Cyber Army”.

Described by many as another case of ‘hacktivism’ where popular sites are hacked to serve as advertising platforms for an extremist group, this caused Baidu to launch an official complaint with register.com. Register.com handles the website’s registrar of record and was accused of irresponsibly changing their email address on file on a request from an unsolicited individual. A Baidu employee’s account was phished and the security details compromised thus leading to a four-hour blackout for the site.

The lesson learnt here is that no company in today’s day and age can survive without adequate information protection and data security measures. Zenithsecure.com provides companies with a complete solution enabling them to overcome vulnerabilities and avoid any potential threats. If Baidu.com had employed their services and the hacking had been avoided, the Chinese would not have switched to competitor search engines during that time.

The Penetration Testing feature would have allowed Baidu to discover gaps and to work towards filling these explicitly identified areas. By mirroring a hacker’s impending footprints it would allow the search engine to stay proactive and better safeguard its systems and processes. The Zenith Vault services on the other hand, complement the penetration testing as they ensure that even if a malicious attack has been propelled, the databases are designed to not share information in its entirety.

As a precursor to the above, Zenith Services also provides a consulting feature which helps assess a company’s unique security needs and designs a package for them accordingly. This allows a mitigation of risk and assists the company in dealing with such a situation if it may arise, by adequate training of employees, proper control systems in place and efficient maintenance mechanisms. Companies like Baidu that are particularly data-centric have much to gain from a partnership with Zenith Services.