2014: A Chinese View on Chinese Cyber Security Challenges

A Chinese government view of China’s cyber security challenges in 2013.  Below is a summary translation of the April 2014 report  “2013 Report on Trends in China Internet Network Security — A Perspective from the Chinese National Computer Emergency Readiness Team”   《2013 年我国互联网网络安全态势综述
——CNCERT 观点》  from China’s cyber security focal point the Chinese National Computer Emergency Readiness Team.(CNCERT)

Foreign reporting on China often focuses on cyber threats coming from Chinese hackers and state actors.  This report  takes a different perspective, reflecting Chinese concerns about their own vulnerabilities to cyber attacks.

The report outlines the type of threats facing Chinese networks and concludes with recommendations on measures China could take to improve its Internet security.   Much of the threat information they have is apparently from Internet companies and CERTS in other countries.  They also mention that many of their original threat reports come in from Chinese hackers.  Their websites lists a thank you bar graph with hacker handles on it reflecting the number of threat reports  received from various hackers.  

 CNCERT’s National Vulnerability database also puts out monthly and weekly reports as well as bulletins about emerging problems.

The Chinese National Vulnerability Database (CNVD) is at http://www.cnvd.org.cn/      distributes the latest reports of computer viruses and other cyber threats received from Chinese companies, hackers and other partners.

Here is a screen capture of the top page of the Chinese National Vulnerability Database as it appeared on September 15, 2017.  Other pages within the database provide statistical analyses of cyber threats, research reports and weekly reports and monthly reports of cyber incidents.

China National Vulnerability Database

The summary translations concludes with these policy suggestions:

Policy Suggestions

 Accelerate the formulation of web security strategy, corresponding policies along with web protection capabilities

Given PRISMGATE and state-level advanced persistent threat actor incidents,  we suggest that China rapidly formulate a state-level network information security strategy.  The strategy should set forth strategic goals, overall guiding principles and specific guidance directed against specific types of security threats in order to provide overall strategic guidance.   Corresponding laws and regulations should clearly define tasks and responsibilities.  We suggest that attention be given to the design of the top level of the design to improve network security.  Attention should be paid to ensuring that work continues to assure cooperation across ministries as well as across industries and regions.   The network security resources of all departments should be organized so that each according to its defined responsibilities works together.  This will assure the coordinated mobilization of resources to protect China from attacks by state-level actors.

 Increase Investment in Network Security Work,  Make People More Aware of Network Security

We suggest that industries, companies and government departments increase their investment in network equipment and technology development,   strengthen their security management, and improve their capacity to respond to network security threats so as to reduce the extent to which network threats increase as technology advances.   Every unit should improve security awareness, establish system to improve security, and to regularly examine procedures and technologies for potential security threats and security vulnerabilities.

 Strengthen network security technology and methods and improve the capacity to track down the source of attacks

Network security technologies and methods should be strengthened to counter the threats of phishing websites, Trojans, mobile web malware, APT attacks, and other kinds of new threats.   Building capacity to identify sources of attacks, its target, and intentions, to gather data indicators, and restore to normal the system attacked, and to determine the ultimate origin of the attack will deter attacks to some extent.

 Increase the Chinese Domestic Content of Core Equipment,  Swiftly Establish a Complete Information Security Inspection and Verification System

We suggest strengthening the research, development, and promotion of key equipment and core technologies.  The domestic content of the internet equipment and software of key industries and of important information systems should be increased.  China needs to increase its self-sufficiency in hardware, software and service.  For a relatively long time, Chinese government departments have been unable to avoid using mainstream foreign network equipment and internet service.  We suggest strengthening security inspections and state monitoring capacity on systems connected to the Internet.  This will increase capacity to detect system vulnerabilities and to repair security vulnerabilities in a timely manner in order to ensure that Internet-connected systems are operating securely. 

 China should quickly establish an information security examination and verification system, define the range of  information production that are to be inspected and the nature of the inspection.  For each information product involved, according to its origin and its reliability, the capacity to monitor the product and the security characteristics of the product are to be examined.   The scope of applications for each product should be defined.  According to an established plan, information security testing locations could be established in order to improve China’s information and network security.

 Strengthen Capacity to Remove Malware, Maintain a Secure Mobile Operating Environment

We suggest that the government departments responsible strengthen their monitoring of the internet, require the companies involved to fulfill their responsibilities, strengthen security management of companies that sell mobile applications or provide value-added telecommunications services.   We also suggest that the communications industry, the internet industry,  hardware and software manufacturer and marketers strengthen industry associations and their sharing of information in order to monitoring of online malware,  make remedial measures more effective and to actively cooperate with government departments.

 Strengthen Net Security Educational Work and Improve the Ability of Net Users to Protect Themselves

We suggest that the government, industry, and the internet security companies work together with civic organizations to help net users increase their security awareness and security skills.   Through educational programming in mass media and on web sites, net users should be reminded to take better care of their data, to be careful in conducting transactions online, and to quickly repair security vulnerabilities. 


 China Internet Security Overview 2013 A CNCERT Perspective” — A Summary Translation

Chinese Communist Party Secretary Xi Jinping said “Without network security, there can be no national security”. Cyberspace has become the fifth strategic space after land, sea, air and space. The nations of the world are now stressing network security. During 2013, Snowden’s PrismGate revelations hit with the world with the impact of a big bomb. It ignited unprecedented concerns in international society and the public about network security.

In China, with the implementation of the “Broadband China” strategy, the internet has sped up and the number of user has climbed rapidly. The steady stream of new kinds of new mobile internet applications shows no sign of abating. 4G networks are beginning to be commercialized. More Virtual Network Operators are provided services through telecommunications networks. Internet connectivity and improved information processing capabilities improves the capabilities of traditional companies and making information consumption a new growth point in the Chinese economy.

This overview examines and analyzes the internet security situation and security threats in China during 2013.

The Internet Security Situation in China in 2013

During 2013, good progress was made in improving the security of China’s internet infrastructure. Many problems remain. There many information system security risks, particularly in the domain name systems that are part of internet infrastructure. Threats such as security vulnerabilities and DDOS attacks threatened the security weak points of the Internet.

During 2013, under the guidance of the PRC Ministry of Industry and Information Technology (MIIT), an overall evaluation and risk analysis of 3000 Chinese companies involved in internet infrastructure was undertaken. Ninety-seven percent passed — the same proportion as in 2012. The evaluation helped the companies place greater emphasis on preventing potential threats and protecting customer information.

Security Risks Remain in Internet Infrastructure Information Systems

During 2013, China’s National Security Vulnerability Database [CNVD ; web address cnvd.org.cn) 国家信息安全泄露共享平台 ] reported to telecommunications infrastructure companies 518 security vulnerability risk incidents, more than double the number reported in 2012. Security vulnerabilities reported by risk type were:

  • Commonly used hardware and software 42.1%,
  • Information security vulnerabilities 15.3%,
  • Bypassing authorization 12.7%,
  • SQL injection 12.0% and
  • Weak passwords 11.2%.

These security risk incidents affected 449 information systems. Of these, 54.6% of these were information systems of provincial-level subsidiaries of telecommunications companies. Another 37.2% of these systems belong to commercial groups. Although internet companies responded well to the reports, the access layers of the internet equipment of some companies were attacked. China is still fairly weak in its ability to defend against attacks organized by state-level actors.

The domain name system remains a security weak point affecting the stability of China’s internet.

Due to security vulnerabilities in the domain name server management system, attackers can arbitrarily change the domain name server record. On several occasions during 2013, the domain names of government websites and of internet service providers were stolen resulting in serious consequences. Moreover, denial of service attacks against name server systems are getting worse. On August 25, 2013, hackers in order to attack a website with a URL ending in .cn, launched a large-scale denial of service attack on the top level .cn domain name server. As a result, many government websites and important website such as the Sina microblog websites could not be reached or were very slow.

In August 2013, the service organization Aimin which has a registered Chinese domain name (22.cn) was attacked for a week. The peak attack data flow was several tens of Gbit/s. Several tens of thousands of domain names were affected. According to CNCERT, there were 58 relatively large DDOS attacks against Chinese domains.

A focus of CNCERT’s work during 2013 was reducing the flow of traffic from spoof IP addresses. CNCERT succeeded in reducing that flow to under 1%. Much data was coming in from spoofed IP address in other countries which made controlling them more difficult. Using DNS reflector technology, some hackers can greatly intensify DDOS attacks by a factor of 100 such as happened during the 2013 attack on Spamhaus, the international anti-spam mail organization, which hit a peak speed of 300 Gbit/s.

During 2013, CNCERT eliminated Trojans from 34,000 servers, and 720,000 hosts that were brought under control. 1455 relatively large zombie networks were eliminated. Hacker control of over 375,000 hosts was ended. As a result, the number of infected hosts fell, although the proportion of remotely controlled Trojans increased by 4.4%. These remotely controlled Trojans extracted important documents and sensitive information.

In March 2013 the international anti-spam mail organization Spamhaus suffered the largest DDOS attack ever. The DDOS attack peaked at 300 Gbit/s. Attackers used domain name server reflector techniques to increase the scale of the attack by a factor of 100.

With the great increase in the number of services provided over the Internet, there has been a corresponding increase in security problems affecting many users.

Frequent Security Problems in the Internet Service Company Traffic Carried on the Internet Infrastructure

Over the Top (OTT) services such as Zhengxin have often had reliability problems. On July 22, 2014, a failure caused loss of service to 60 million users. A check found that overloading and inattention to

security was the cause of the problem. A failure on a single circuit affected services to users on many different telecommunications networks.

During 2013, the website names of internet company websites were stolen in some parts of China. Sometimes traffic was diverted a webpage with advertisements. Some broadband connection providers on their local routers diverted traffic intended for certain websites, harming the business of some companies and the internets of internet users. CNCERT investigated these cases and worked together with the appropriate authorities to resolve them.

Number of Trojan Infected Internet Hosts in China Declines for First Time in Five Years

According to CNCERT monitoring, during 2013 11.35 million zombie internet hosts were infected by Trojans and 160,000 servers were controlled. These numbers are down 22.5% and 44.1% compared with 2012. This first decline in five years is the result of continuing work by China to eliminate Trojans and zombies and daily security work.

CNCERT working together with internet infrastructure companies 34,000 Trojan infections on servers and ended and carried out eight projects to eliminate malware. CNCERT eliminated 1455 relatively large zombie networks and cut off hacker control of 3.75 million infected computers.

CNVD analysis determined that there are backdoors on many commercial routers, including routers from D-LINK, Cisco, Linksys, Netgear, Tenda, etc. CNVD reports that using these backdoor hackers can steal information, do DNS theft etc. As of January 2014, some companies had still not fixed the problem or issued an upgrade.

Loss of Personal Information Online Undermines Credit Systems

With the proliferation of cloud computing, mobile internet service, and social media, protecting personal information is becoming harder. Much of this information is leaking onto the Internet where it is sometimes bought and sold.

In October 2013, CNCERT worked together with USCERT to prevent further information leaks after the Chakaifang website problem as revealed which exposed to collection data on 20 million travelers.

A security vulnerability in the Apache Struts 2 software was revealed in July 2013 when information was stolen using remote control of servers. Online merchants, insurance companies and government websites were affected.

Attacks on the Android mobile operating system up sharply

CNCERT noticed during 2013 a tripling of malware attacks on mobile phones using the Android operating system, amounting to 99.5% of all malware attacks on mobile phones that year. Malware attacks against all mobile operating systems reached 703,000 – over triple the 2012 total. Seventy percent of the malware aimed to create unauthorized charges.

During 2013, the number of phishing website increased by one-third. CNCERT found within China mainland 30,199 phishing pages directed against Chinese banks etc.

Mobile phone online financial transactions increased greatly during 2013, bringing with them increased targeting by hackers. In December 2013, the online payment site Zhifubao customer terminal had a security flaw that allowed anyone to set a new password after five failed login attempts.

Chinese government websites are often attacked to change a page. Ninety percent of the government websites belonged to local governments which typically have less skilled IT staff and so less security. During 2013, attacks on all websites jumped 46.7% to 24,034 while attacks on government websites rose 34.9% to 2430. CNCERT reported 1600 information leaks from Chinese government websites.

CNCERT organized eight anti-malware campaigns during 2013 in accordance with the Ministry of Industry and Information Industry “Mechanism for monitoring and Resolving Mobile Internet Malware Problems” . In 2013, the China Anti-Web Virus Association (ANVA) created the “Mobile Internet Application Voluntary Whitelist” mechanism, organizing companies and merchants to make a group of secure white-listed applications.

Cellphone Malware Proliferation Channels Diversify

CNCERT found that during 2013, cellphone malware was often downloaded from many different kinds of websites including commercial websites, blogs, and cloud drives. Over 12 million different IP addresses downloaded malware to mobile phones. Over 300 companies sell mobile phone apps. Many of these companies have inadequate security – one of them, the Anfeng Market, had several thousand apps that were infected by Trojans and then downloaded by mobile phone users over 2 million times.

Foreign hacker organizations attacks on Chinese government websites included attacks from “Anonymous”, “Algeria Hackers” etc. The “Anti-Communist Hackers” were very active, attacking government offices, universities and companies. The “Anti-Communist Hackers” during 2013 attacked over 120 Chinese government websites in Mainland China. Monitoring has revealed that these attackers take advantage of security vulnerability and then install a backdoor. It attacks a social media website about once every three days on average. Moreover, the “Anonymous” and the “Algeria Hackers” etc. defaced 187 Chinese government websites.

Some hackers attack Chinese government websites to take revenge against new government policies. On December 19, 2013, after the People’s Bank of China stated that it did not recognize Bit Coins and requested that companies in Mainland China that engage in third party financial transactions stop providing platforms for charging and payment in Bit Coins, the official government website of the People’s Bank of China and its official microblog were attacked by hackers. The attack made it difficult to use the site and resulted in many problem reports.

State-sponsored organized hacking attacks have increased and are a serious threat to key state infrastructure and essential information systems. According to surveys by CNCERT [China’s Computer Emergency Readiness Team] China faces serious threats and challenges coming from outside Mainland

China in the form of back door attacks on websites, phishing attacks, Trojan horse attacks, and zombie network attacks.

Since June 2013, when Snowden revealed the “Prism Plan” revelations showed how U.S. intelligence agencies have been spying on many countries and foreign citizens by eavesdropping and by infiltrating computer networks. The revelations showed how the U.S. has heavily invested in information collection through the Internet, and attacks on telecommunications networks, corporate servers and other invasive methods. Targets included senior state officials, diplomatic systems, media networks, large corporations and international organizations. China is an important monitoring and attack target. Both national security and the privacy of internet users are under serious threat.

During 2013, many advanced persistent threats (APT) were revealed. APTs became a new kind of weapon in confrontations between nations. On March 20, 2013, during a U.S. – Republic of Korea military exercise, many broadcasters, banks and other financial institutions in the ROK suffered a cyber-attack on an unprecedented scale. CNCERT contacted KrCERT, its ROK counterpart, and assisted in the investigation and in clearing up any misunderstanding that an attack was coming from China. Mcafee and Kaspersky revealed the existence of powerful hidden threats capable of persisting for years such as “Troy Action”, “Red October”, and “IceFog”. These APT attacks have robbed important information from government and scientific institution websites. In 2013, CNCERT monitoring determined that 15,000 hosts within the China mainland are controlled by APT Trojans. This is a serious threat to key Chinese infrastructure and key information systems.

China Remains Threatened by Many Attacks from Outside the China Mainland

During 2013, 31,000 foreign hosts established remote control over 61,000 hosts within the China Mainland through backdoors. Compared with 2012, the number of controlling foreign hosts dropped 4% but the number of controlled hosts in the China Mainland rose by 62.1%. The U.S. had the most controlling hosts with a total of 6215 which controlled 15,349 websites in Mainland China or about 2.5 websites for each controlling host. This is 78.6% higher than in 2012. Next comes China’s Hong Kong SAR which controls 13,116 websites within China, up 179.5% compared with 2012. In third place is the ROK, which controls 7502 websites, down 11.1% compared with 2012.

Of Phishing websites directed at the Chinese Internet, 90.2% are located outside the China Mainland. A total of 3823 foreign IP addresses serve imitating pages of 29,666 China mainland websites, up 54.3% and 27.8% respectively compared with 2012.

The 10.9 million Trojan-infected zombie websites in China Mainland are controlled by 29,000 foreign hosts. Of these, 41.1% (4.485 million hosts) are controlled by 8807 controlling servers in the US. The breakdown of controlling servers by country has the U.S. holding on to first place, increasing its share from 17.6% in 2012 to 30.2% in 2013. The ROK and China’s Hong Kong SAR hold second and third place with shares of 7.8% and 7.7%. Counting by the number of servers controlled within the China Mainland, the U.S. is still in first place, followed by Portugal and the ROK, which have3.988 million and 839,000 hosts respectively.

CNCERT constantly works to improve its cooperation with CERTS in other countries. As of end 2013, CNCERT had established ties with 127 organizations in 59 countries and regions. During 2013, CNCERT cooperated with foreign organizations in resolving 5498 network security issues within Mainland China. This was a 35.5% increase compared with 2012.

Focal Points for 2014

The increasing “intelligent” functionality being incorporated into industrial control systems, medical machinery, and home and office equipment will make security issues more serious on the Internet of Things. Security issues in rapidly developing technologies and failure to consider internet security issues means that security vulnerabilities will appear in new types of intelligent equipment. Hackers will take advantage of them to launch web attacks. During 2013 at Black Hat hacker conferences, ten types of attack and monitoring technologies aimed at the intelligent control systems of electric power networks, intelligent houses, cars and other system were demonstrated. At the same time, “refrigerator zombie network”-like attacks were occurring – malicious attacks taking advantage of intelligent functions being built into home appliances. This shows that there has already been a breakthrough in attack technology using web-connected intelligent equipment. The Android operating system has spread quickly from mobile devices to the Internet of Things. During 2014 security weaknesses will be a continuing issue as the Internet of Things develops.

Social media websites are becoming a key route for hacker attacks and net crime.

Social engineering is an important method for carrying out network attacks. Social media, which is becoming a more important part of our social networks, has become a hotbed of social engineering attacks. Personal data dug up on social networks can be stored and used to precisely target objects of social engineering. Profit-driven malware attacks on social media that could go so far as issuing order to social media site servers or create a new kind of zombie server. This will create new opportunities for criminal activities.

Advanced Persistent Threat Attacks will become

As cyberspace attack countermeasures steadily improve, advanced persistent threats (APT) with their characteristic high targeting accuracy, will become the main weapon of both hackers and inter-state cyber confrontations. APT combining various technologies will become an integrated monitoring and attack system. In addition to traditional malware, and techniques for exploiting hardware and software security vulnerabilities, there will appear new methods and new technologies. In December 2013, the NSA revelations showed how the US NSA created dozens of spy tools. These included backdoors built into motherboards, hard disk controllers, SIM cards and other hardware to implement a physical intrusion. Inserting the backdoor in hardware ensured the persistence of the intrusion despite any change in the operating system, software upgrade or installed software scanning system. Another method was using wireless technology to overcome the physical separation of traditional LAN networks to enable remote attacks. These methods broaden and deepen the APT threat and make them increasingly hard to detect.

Mobile Payment Security and Security Vulnerabilities in Mobile Terminals will be a new challenge to mobile web development

In 2014, the continuing development of 4G networks, faster mobile network and hot spots and the ever-wider use of better smartphones will make payments by mobile phone more common in transactions with merchants, banks and other financial institutions. Hackers will develop APPs and malware to attack the hardware and operating systems of smart phones. More security vulnerabilities will be discovered and attacks against mobile networks and smartphones will grow.

The Scale of Distributed Denial of Service (DDOS) Attacks will continue to Grow

In 2014, hackers will turn to new methods since the traditional DDOS method of using many zombies on a broadband connection will no longer be effective. Hackers will use the Network Time Protocol (NTP) and the Character Generator Protocol (CHARGEN) in Network Time Protocol Distributed Reflective Denial of Service” attacks which will enable them to easily increase attack volumes by a factor of ten to one hundred times. This attack will exhaust limited server, router and bandwidth resources and make it harder to determine the IP address at the source of the attack. Attackers will also find new technologies to create the greatest amount of net traffic for the least amount of effort. They will be looking for technologies that will enable them “to borrow the knife used in the killing”.

Microsoft Ending Windows XP OS Service will lead to an increase in the number of zero day exploits

On April 8, 2014 Microsoft will end Windows XP operating system technical support and updates. It will no longer provide security patches, updates or anti-virus software updates. After that date it will no longer be responsible for operating system viruses or security vulnerabilities. Windows XP has a large market share in China with about 200 million users. Once security updates end, this operating system will face a serious security threat. Hackers may become even more assiduous in digging up zero day exploits to use against the XP OS.

New Security Threats for Traditional text message verification and the new two-dimensional scanning method

Today when making an online purchase or making a payment online, you will often use a verification code sent in a text message. In 2014, smartphone Trojans that steal the payment verification code message and steal your account information will become common. Hackers use smart phone Trojans to catch the verification code number and then go on to use your web payment account and password, resulting in a large financial loss for the user.

Policy Suggestions

Accelerate the formulation of web security strategy, corresponding policies along with web protection capabilities

Given PRISMGATE and state-level advanced persistent threat actor incidents, we suggest that China rapidly formulate a state-level network information security strategy. The strategy should set forth strategic goals, overall guiding principles and specific guidance directed against specific types of security threats in order to provide overall strategic guidance. Corresponding laws and regulations should clearly define tasks and responsibilities. We suggest that attention be given to the design of the top level of the design to improve network security. Attention should be paid to ensuring that work continues to assure cooperation across ministries as well as across industries and regions. The network security resources of all departments should be organized so that each according to its defined responsibilities works together. This will assure the coordinated mobilization of resources to protect China from attacks by state-level actors.

Increase Investment in Network Security Work, Make People More Aware of Network Security

We suggest that industries, companies and government departments increase their investment in network equipment and technology development, strengthen their security management, and improve their capacity to respond to network security threats so as to reduce the extent to which network threats increase as technology advances. Every unit should improve security awareness, establish system to improve security, and to regularly examine procedures and technologies for potential security threats and vulnerabilities.

Strengthen network security technology and methods and improve the capacity to track down the source of attacks

Network security technologies and methods should be strengthened to counter the threats of phishing websites, Trojans, mobile web malware, APT attacks, and other kinds of new threats. Building capacity to identify sources of attacks, its target, and intentions, to gather data indicators, and restore to normal the system attacked, and to determine the ultimate origin of the attack will deter attacks to some extent.

Increase the Chinese Domestic Content of Core Equipment, Swiftly Establish a Complete Information Security Inspection and Verification System

We suggest strengthening the research, development, and promotion of key equipment and core technologies. The domestic content of the internet equipment and software of key industries and of important information systems should be increased. China needs to increase its self-sufficiency in hardware, software and service. For a relatively long time, Chinese government departments have been unable to avoid using mainstream foreign network equipment and internet service. We suggest strengthening security inspections and state monitoring capacity on systems connected to the Internet. This will increase capacity to detect system vulnerabilities and to repair security vulnerabilities in a timely manner in order to ensure that Internet-connected systems are operating securely. China should

quickly establish an information security examination and verification system, define the range of information production that are to be inspected and the nature of the inspection. For each information product involved, according to its origin and its reliability, the capacity to monitor the product and the security characteristics of the product are to be examined. The scope of applications for each product should be defined. According to an established plan, information security testing locations could be established in order to improve China’s information and network security.

Strengthen Capacity to Remove Malware, Maintain a Secure Mobile Operating Environment

We suggest that the government departments responsible strengthen their monitoring of the internet, require the companies involved to fulfill their responsibilities, strengthen security management of companies that sell mobile applications or provide value-added telecommunications services. We also suggest that the communications industry, the internet industry, hardware and software manufacturer and marketers strengthen industry associations and their sharing of information in order to monitoring of online malware, make remedial measures more effective and to actively cooperate with government departments.

Strengthen Net Security Educational Work and Improve the Ability of Net Users to Protect Themselves

We suggest that the government, industry, and the internet security companies work together with civic organizations to help net users increase their security awareness and security skills. Through educational programming in mass media and on web sites, net users should be reminded to take better care of their data, to be careful in conducting transactions online, and to quickly repair security vulnerabilities.

Advertisements

About 高大伟 David Cowhig

Worked 25 years as a US State Department Foreign Service Officer including ten years at US Embassy Beijing and US Consulate General Chengdu and four years as a China Analyst in the Bureau of Intelligence and Research. Before State I translated Japanese and Chinese scientific and technical books and articles into English freelance for six years. Before that I taught English at Tunghai University in Taiwan for three years. And before that I worked two summers on Norwegian farms, milking cows and feeding chickens.
This entry was posted in Economy 经济, Science, Technology and Academic 科技学术, Society 社会 and tagged , , , , , , , , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.