Navigation
21Vianet 2600Hz 3Com 3GPP 3Leaf 4G 4G licensing 5G Africa Alcatel Shanghai Bell Alcatel-Lucent Alibaba Android antiitrust Apple APT Satellite Arete AT&T auction backbone Baidu Bain bandwidth base station Battery broadband cable CBN CCP censorship Cfius China China brands China FTTH China hi-tech China market China media China Mobile China Mobile Hong Kong China Science China Telecom China Unicom chips Ciena Cisco civil society CNNIC Communist Party convergence copyright CSL cybersecurity Datang drones Egypt Elop Ericsson EU Facebook FDD LTE FDD-LTE feature phones Fiberhome FLAG forecasts Foxconn FTZ Galaxy S3 Google GSMA GTI handset handsets Hisilicon HKBN HKIX HKT HKTV Hong Kong HTC Huawei Hugh Bradlow Hutchison India Infinera Innovation Intel internet investment iOS iPad iPad 2 iPhone IPv6 ITU Japan KDDI KT labour shortage Leadcore low-cost smartphone LTE MAC MAE Mandiant market access Mediatek Meego Miao Wei Microsoft MIIT mobile broadband mobile cloud mobile data mobile security mobile spam mobile TV mobile web Motorola music MVNO MWC national security NDRC New Postcom Nokia Nokia Siemens Nortel NSA NTT DoCoMo OTT Pacnet Panasonic patents PCCW piracy PLA politics Potevio price war private investment Project Loon Qualcomm quantum Reach regulation Reliance Communications Ren Zhengfei Renesys RIM roaming Samsung sanctions Scania Schindler security shanzhai Sharp SKT Skype smartphones Snowden software Sony Ericsson spectrum Spreadtrum standards startups subsea cables subsidies supply chain Symbian tablets Tata Communications TCL TD LTE TD-LTE TD-SCDMA Telstra Trump Twitter urban environment USA US-China vendor financing Vitargent Vodafone New Zealand WAC WCIT Web 2.0 web freedom WeChat WhatsApp Wi-Fi Wikileaks Wimax Windows Mobile WIPO WTO Xi Guohua Xiaolingtong Xinjiang Xoom Youku YTL ZTE

Entries in cybersecurity (3)

Monday
Nov172014

Citizenfour's warning

Edward Snowden's disclosures are about the abuse of power and the abuse of laws that put limits on power.

Click to read more ...

Friday
Jun142013

US, Snowden, China: The world's biggest case of projection?

Amid the blizzard of information in the Snowden affair, the factoid that caught this blog’s attention was the hacking into the Hong Kong Internet Exchange (HKIX).

According to Snowden, the NSA listened into the HKIX, the city’s prime internet exchange, through the internet backbone.

We hack network backbones – like huge internet routers, basically – that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he said.

He named one target as the Chinese University of Hong Kong, home to a handful of advanced internet research facilities such as the Hong Kong Internet Exchange, which "essentially connects all of the city's internet access providers to a single infrastructure," the [SCMP] reported.

We don’t know if Snowden is telling the truth, or even if he knows what he is talking about. And while we should probably take most denials on this topic with a large grain of salt, let’s just note that the CUHK said it had not “detected any form of hacking to the network, which has been running normally.”

Maybe, just maybe, “running normally” actually means with a hidden security backdoor already built-in by its router vendor, Cisco. I stress this is pure speculation; there is no evidence Cisco or anyone else provided a key.

But it is striking that that is exactly the kind of behaviour that the US fears that the Chinese will execute on American networks through Huawei.

I can’t help but wonder: when the Pentagon, Congress and the CIA label Huawei a security threat, are we looking at the world’s biggest case of projection?

Friday
Mar012013

Disclosure will force China to end its heist of corporate secrets

This is no surprise: in the wake of damaging revelations about its online attacks on the west, China has disclosed attacks on its networks.

Not only was last week's Mandiant report a gamechanger, I’m predicting that within a year or two China will drop its large-scale corporate espionage programme.

In part, that's because China's disclosures in fact highlight the criminal nature of the PLA hacks. Whereas China has only suffered attacks on military sites, the real damage in the reports by Mandiant and Business Week were the details of China’s theft of business secrets.

Sooner rather than later China will come to see the corporate attacks as a low-percentage play.

The underlying narrative in western reporting has been of a clever China Inc. stealing into foreign networks, downloading terabytes of data and seamlessly transferring it to its own corporate sector for easy profit.

In truth, China’s giant, secretive bureaucracies don’t play well. They are severely constrained by their size, dysfunction, deep-rooted corruption and suspicion of each other (proof point: it took Beijing a typically tardy ten days to respond to Mandiant).

Mandiant estimates PLA hacking teams have stolen data from hundreds if not thousands of foreign organizations. The task of sifting through those petabytes of material, identifying valuable corporate information and somehow directing it to the ‘right’ agency or state enterprise would tax the most efficient system.

To take one prominent example, the attempts to steal Google’s search engine secrets don’t seem to have helped Jike, the Chinese state-backed search engine with a market share of close to zero.

More likely, I suspect, is that the corporate attacks have taken place with the tolerance of rather than the active direction by the top leadership. Few officials would wish to get into a scrap with the PLA, and certainly not on behalf of foreign corporations.

Plus, this being China, it’s not beyond the bounds that some PLA officers are running these hacks commercial agendas in mind.

This is not to say that politically-motivated attacks, such as those on activists’ Gmail accounts, or on the New York Times and Bloomberg, aren’t directed from the highest level, or that none of the corporate spying has yielded results.

But these industrial-strength raids on corporate networks surely yield little, except increasing embarrassment. China may despise the democratic west but it can ignore world opinion only up to a point.

Just as diplomatic and trade pressure forced China to stop transferring weapons technology to the Middle East in the 1990s, transparency will help it abandon its heist of foreign commercial secrets.