A Rising China Could Mean Rising Cyberthreats Worldwide

Nick Espinosa – Forbes Councils Member

https://www.forbes.com/sites/forbestechcouncil/2020/08/12/a-rising-china-could-mean-rising-cyberthreats-worldwide/#6ee3a6924218

Governments typically exist because of trust. Think about it: The general population is essentially required to place a certain level of trust into the system of governance they are a citizen of. Whether it’s trust that they have the best interests of the people at heart or simply that they will make the trains run on time, governments are formed on the basis of trust.

However, what happens when the trust falters or breaks? Riots and revolutions. Historically, what accelerates this erosion of the guardrails of a system is foreign interference. Competition for world dominance today can lead to espionage at the government, corporate and even personal level within society. This is the backdrop we live in, and while no government could probably claim total innocence in this arena, China (as a world power) is rising and could be a major threat to democracies globally.

Consider that through China’s Belt and Road Initiative, it’s making inroads into dozens of countries where it’s not only bringing infrastructure like roads and hospitals but also the infrastructure for the internet. By virtue of these efforts, China is creating its own technological ecosystem globally that mirrors the vast surveillance state it’s created at home.

Many writers, including myself, have been sounding the alarm on this growing threat. As China expands, its desire to move beyond the Belt and Road countries by undermining its perceived adversaries is increasing. Its biggest target by far appears to be the United States.

During a recent interview I had with former Obama administration cybersecurity advisor Michael Daniel for the Covid-19 Cyber Threat Coalition, he mentioned that by the end of his tenure, the persistence of state-sponsored hackers was expanding. Instead of slinking away when they were discovered and excised from the computers — a behavior they exhibited in the past — Daniel said they were actively fighting to regain control of the previously infected systems.

During the current presidential administration, cybersecurity researchers and reporters have been discovering and sharing with the world the rising cyberthreats that China is subtly using to gain access into the engine that drives America: the economy.

In 2018, Bloomberg reported (paywall) that Chinese operatives had broken into server maker Super Micro. They were allegedly inserting tiny processors into the motherboards of some servers. According to the report, these servers were destined for U.S. companies like Amazon and Apple. Several large U.S. corporations and government entities use Super Micro, so if the report is true, having access to information at the hardware level bypasses many of the security integrations that organizations install into their equipment. Super Micro denied this, but Bloomberg still stands by its reporting.

In 2020, researchers discovered that the Chinese-owned video-sharing app TikTok, the second-most popular app downloaded in 2019, was privately accessing users’ clipboards in the beta version of iOS 14. Hacktivist group Anonymous later promoted claims that, after the app was reverse-engineered, TikTok was found to be secretly executing commands that would ping a user’s GPS frequently, gathering information on the networks that users were connected to, including identifying the types of routers, firewalls and other infrastructure in use.

Also in 2020, researchers determined that many countries’ internet service providers were seriously at risk. One of the most critical pieces of equipment to make the internet work for residential and business customers is called a Fiber-to-the-Home optical line termination device (FTTH OLT). These devices take the signal from the fiber optic cables that the ISPs run all over the country and convert it for the Ethernet cabling that is commonly used in homes, buildings and more.

Chinese vendor C-Data is a popular manufacturer of these devices. According to a report published by ZDNet, researchers discovered seven major vulnerabilities in its equipment that could allow remote access from anywhere into the equipment. The researchers believed these were put there by design to allow remote access at will.

According to their research, these 29 C-Data models not only allowed an attacker remote access into the device but also exposed the administrator username and password set up by the ISP within the device. Further, they allowed attackers to run any command they wished to reconfigure the unit or even crash it. Essentially, a unit could be remotely configured to reroute traffic through China (which has happened before via other types of attacks), where the government could capture and analyze it — or worse.

Above and beyond all of this, there are concerns about using 5G equipment from China-based Huawei. There are still unanswered questions from the videoconferencing giant Zoom and its recently discovered China-based subsidiaries that are employing over 700 people as well as its admission that it had “mistakenly” routed some North American videoconferencing traffic through China. Zoom also admitted that it doesn’t use “end-to-end” encryption and stated in an interview with Rolling Stone that it uses “a mix of tools, including machine learning, to proactively identify” conferences for unwanted material.

Given this rising threat, how does the rest of the world handle this? International laws requiring transparency of critical infrastructure while preserving intellectual property are of paramount importance. Further, I believe stringent guidelines for testing all final products to be deployed should be the law, along with requirements that the internet service provider has to have enterprise-level threat detection capabilities that monitor all of its infrastructure in real time for threat and malfeasance.

On a more personal level, the general public needs to be educated on the apps they download and where their developers are based. If the app is coming from a country that requires its government to have any kind of access into the data or the country itself has no data privacy laws or frameworks such as the “right to be forgotten,” the app should not be installed into any device where it can begin gathering information against the user’s will.

Until the general public outside of China realizes the sheer volume of espionage occurring at every level of its society, this is only going to get worse. Hopefully, the world will wake up in time.
