Share This

Showing posts with label Spying. Show all posts
Showing posts with label Spying. Show all posts

Wednesday, 16 October 2024

GT Exclusive: Latest report shows US cyber weapon can ‘frame other countries’ for its own espionage operations

China's National Computer Virus Emergency Response Center on Monday released its latest report on Volt Typhoon, once again exposing cyber espionage and disinformation operations conducted by US government agencies, including a US cyber weapon that can mislead investigation and frame other countries for its own cyber espionage activities. 

This is also the first time for the center to release the report in multiple languages, including Chinese, English, French, German and Japanese. 

The Monday report is the third report on Volt Typhoon released by National Computer Virus Emergency Response Center and National Engineering Laboratory for Computer Virus Prevention Technology. It further disclosed the cyber espionage operations targeting China, Germany and other countries which were launched by the US and other Five Eyes countries. 

On May 24, 2023, the cybersecurity authorities from The Five Eyes countries, 
the US, the UK, Australia, Canada and New Zealand, issued a joint cybersecurity advisory, claiming that they had discovered cluster of activity of interest associated with a "China state-sponsored cyber actor," known as Volt Typhoon, and these activities "affected networks across US critical infrastructure sectors."

On April 15 and July 8, the National Computer Virus Emergency Response Center, National Engineering Laboratory for Computer Virus Prevention Technology and 360 Digital Security Group jointly released two investigation reports disclosing the US government's narrative regarding Volt Typhoon is purely a fabrication crafted by the US. The two reports also expose how US government agencies, in order to maintain control over the so-called "warrantless surveillance rights," conduct indiscriminate monitoring of global telecommunications and internet users. This is done to enable related interest groups to gain greater political and economic benefits by fabricating nonexistent Chinese cyberattack threats. The nature of the event resembles a "house of cards" conspiratorial swindling campaign scheme targeting the US Congress and taxpayers.

"After we released the reports in April and July on Volt Typhoon, more than 50 cyber security experts from US, Europe, Asia and other countries and regions have contacted us through various ways. They believed that the US government and Microsoft have attributed Volt Typhoon to Chinese government without any concrete evidence, and they also expressed concern about the US government's fabrication of Volt Typhoon," a research fellow from the National Computer Virus Emergency Response Center told the Global Times on Monday. 

Secret weapons

The US is the world's largest arms dealer and its cyber weapon arsenal is not only large in scale, but also sophisticated in function. Previously, the National Computer Virus Emergency Response Center publicly disclosed multiple types of cyber weapons which were developed by the National Security Agency (NSA) and Central Intelligence Agency (CIA).

The Monday report unveiled information on a customized stealth "toolkit" codenamed "Marble" that the US agencies have developed to cover up their Computer Network Exploitation (CNE) operations, mislead attribution analysis and shift the blame on other countries. 

The toolkit is a framework that can be integrated with other cyber weapon development projects, assisting developers to obfuscate various identifiable strings in program code, effectively "erasing" the "fingerprints" of cyber weapon developers, according to the report.

For a long time, the US has kept pushing a "Defend Forward" strategy in cyberspace, and implement the "Hunt Forward" operations, which means to deploy cyber-war forces in the surrounding areas of adversary countries to conduct close-in reconnaissance and network penetration. In order to satisfy those tactical needs, the toolkit "Marble" was developed, said the anonymous researcher. 

The framework also has a "dirty" feature, which is the ability to insert strings in other languages at will, such as Chinese, Russian, Korean, Persian, and Arabic. This is intended to mislead investigators and defame China, Russia, North Korea, Iran, and Arab countries, said the researcher. 

By tracing and analyzing the source code and comments of "Marble" framework, researchers also found that it has been identified as a secret weapon development program, which is not allowed to share with any foreign country, starting no later than 2015. This secret weapon was tailored by US intelligence agencies for themselves, and was even kept a secret from the so-called ally countries. 

Recent findings in the report have once again highlighted who poses the greatest threat to global cyberspace security. The US government not only disregards the report but also continues to disseminate false information about Volt Typhoon, said Chinese Foreign Ministry spokesperson Mao Ning on Monday. China condemns US' irresponsible actions and urges it to immediately cease its global cyberattacks and stop using cybersecurity issues to slander and malign China, Mao said.

 'False flag' operation 

A "False Flag" is a deceptive act or operation carried out to make it appear as if it was conducted by another party. According to the report, the "Marble" framework fully exposes the indiscriminate and bottomless cyber espionage activities around the world carried out by US intelligence agencies, and their conspiracy to mislead investigators and researchers through "false flag" operations, so that to frame "adversary countries."

The anonymous researcher said that in conjunction with previous investigation findings, the hackers from US cyber forces and intelligence agencies disguise themselves like chameleons in cyberspace, pretend to come from other countries to carry out cyberattacks and espionage activities around the world, and pouring dirty water on non-ally countries of the US.

The report also noted that the "False Flag" operation is actually an important component of the US intelligence agency's "EFFECTS Operation," known as the "Online Covert Action" in the UK. The secret documents from the US and Five Eyes Alliance show that, the "EFFECTS Operation" includes two broad categories, "Information Operations" and "Technical Disruption Operations." 

The Internal documents of the US and Five Eyes Alliance clearly indicate that the implementation of this "EFFECTS Operation" must adhere to four main principles, which are "Deny," "Disrupt," "Degrade," "Deceive." And these four main principles precisely cover all the core elements of the Volt Typhoon operation, said the report.

Subsea cable tapping sites

According the top secret files of NSA, the US has been controlling the world's most important internet "choke points," such as the Atlantic and Pacific subsea cables, constructing at least seven full-traffic tapping sites. All these sites are operated by NSA, FBI and NCSC from UK. Each packet through the sites is being intercepted and deeply inspected indiscriminately, according to the report. 

The US National Security Agency is not content with merely focusing on the specific areas covered by submarine cables, and the data intercepted by these surveillance systems falls far short of meeting its intelligence needs. Therefore, the US has conducted CNE operations on specific targets located in the "blind spots" of its surveillance systems.

Top secret documents from the NSA show that the Office of Tailored Access Operation (TAO) of NSA has launched massive CNE operations around the world and implanted more than 50,000 spyware implants. Victims are mainly concentrated in Asia, Eastern Europe, Africa, the Middle East and South America. The internal documents of the NSA showed that almost all major cities in China are within the scope of NSA's operations, a large number of entities and their network assets have been compromised, said the report. 

Spying on 'allies'

The report also cites instances of the US conducting surveillance on countries such as France, Germany, and Japan. 

The anonymous researcher said US intelligence agencies have established a large-scale global Internet surveillance network, providing a large amount of high-value intelligence to the US government agencies, which offers the US government great advantage in the diplomatic, military, economic, scientific and technological fields. The US government and its intelligence agencies could put anyone on the "list" of monitoring. 

For example, from 2004 to 2012, the US carried out a long-term espionage operation against France, monitoring the movements of the French government on policy, diplomacy, finance, international exchanges, infrastructure construction, business and trade. Some important intelligence was authorized by the US to be shared with the other "Five Eyes" countries. This shows that the countries of the "Five Eyes" alliance are also beneficiaries of US espionage operations.

A 'snooper' in cyberspace

The report said that the US global Internet surveillance programs and stations are like ubiquitous "snoopers" in cyberspace and steal user data from the global internet in real time, and this eavesdropping capability has become an indispensable foundation of the US efforts to build the "Empire of Hacking" and the "Empire of Surveillance."

To maintain such a huge surveillance program, the annual funding budget is quite huge, and with the explosive growth of internet data, the demand for funding is bound to "rise." This is also one of the main reasons why the US government conspired with its intelligence agencies to plan and promote the Volt Typhoon operation, said the report.

Over the years, the US government has kept politicizing the issue of cyberattack attribution in a way that serves its own self-interests. Some companies, such as Microsoft and CrowdStrike, have been influenced by the desire to appeal to US politicians, government agencies and intelligence agencies, as well as to enhance commercial interests. They kept using a variety of names with geo-political features to describe the hacking groups in the absence of sufficient evidence and rigorous technical analyses, such as "Typhoon," "Panda" and "Dragon." 

In its last part, the report said that the international communications in cybersecurity industry is vital as the geopolitical landscape is growing increasingly complex and cybersecurity requires extensive international collaboration. 

"We look forward to seeing that all cybersecurity firms and research institutes will keep focusing on the research of cybersecurity threat prevention technology and how to provide users with higher-quality products and services, which will then keep the internet developing in a healthy way along with the progress of human society," said the report.


https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_CN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_EN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_FR.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_JP.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_DE.pdfSource link

Related posts:

Tuesday, 15 March 2022

China captures powerful US NSA cyberspy tool

Cybersecurity. Photo: VCG `'Trojan horse' controls global equipment

China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim's computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users' information, according to a report the Global Times obtained from the National Computer Virus Emergency Response Center exclusively on Monday.
`
According to the report, the Trojan horse, "NOPEN," is a remote control tool for Unix/Linux computer systems. It is mainly used for stealing files, accessing systems, redirecting network communication, and viewing a target device's information.
`
Through technical analysis, the center believes that the "NOPEN" Trojan horse is characterized by complex technology, comprehensive functions and strong concealment, which can fit a variety of processor architectures and operating systems. It can also collaborate with other cyber weapons and is a typical tool used for cyber espionage.
`
The report came after the NSA was exposed to have been launching cyberattacks against 47 countries and regions for a decade, with Chinese government departments, high-tech companies and military-related institutes among the key targets. Under the surveillance of the NSA, the privacy and sensitive information of hundreds of millions of people around the world were exposed, like "running around naked."
`
Photo: Courtesy of National Computer Virus Emergency Response Center
Photo: Courtesy of National Computer Virus Emergency Response Center
`
Cybersecurity experts told the Global Times that once the Trojan was planted into a victim's computer, it would become a "lurker" waiting for the "code" and opening the "vault door" for hackers. The Trojan also could turn a victim's computer into a bridge tower, allowing hackers to go deeper into the group where the victim works and grasp the company's information.
`
According to the center's report, the "NOPEN" can remotely control most existing network servers and terminals, which can be manually implanted by attackers, or cyberattack platforms by the NSA. It can execute a variety of instructions such as information theft and destruction.
`
Evidence shows that the NSA used the "NOPEN" Trojan horse to control a large number of internet devices around the world and steal user privacy data, which has caused inestimable losses.
`
According to internal NSA documents leaked by hacking group Shadow Brokers, "NOPEN" is one of the powerful weapons used by the NSA's Tailored Access Operations (TAO) to attack and steal secrets.
`
"As the research and development arm of the world's top military power, the NSA cannot develop weapons that rust in their arsenals," a Chinese cybersecurity expert told the Global Times on condition of anonymity. "The international community has learned from the PRISM scandal that the US military intelligence agency has been conducting network monitoring and cybertheft of countries around the world for a long time, and these cyber weapons are an important means of its implementation of network monitoring."
`
In April 2017, the Shadow Brokers released a large number of cyberattack tools developed by the NSA. As the NSA is affiliated with the US Department of Defense, the tools are widely believed to be used for military purposes as "cyber weapons."
`
For example, on May 12, 2017, the worldwide WannaCry ransomware used EternalBlue, a computer exploit developed by the NSA to attack unpatched computers, which brought serious damage and data loss to many enterprises and individuals, according to media reports. The incident enabled the international community to witness for the first time the terrible power of cyber weapons, but such weapons of mass destruction are only the tip of the iceberg in the NSA's vast arsenal.
`
"The vast majority of the NSA's arsenal consists of stealth fighters and submarines that can easily attack victims without theirknowledge," the anonymous expert said, noting that the "NOPEN" Trojan horse is the main weapon of the NSA's arsenal.
`
The expert said the center's report sounds an alarm to the world as there are likely a large number of undetected victims online, who face long-term and serious cybersecurity risks. The leakage and proliferation of these cyber weapons further aggravate the increasingly severe network security situation, seriously endanger the overall security of the cyberspace, turning military confrontation in cyberspace into a "zero-sum" game.

 Source link

RELATED ARTICLES
 

 

China criticizes US' inconsistency on Taiwan question at Yang-Sullivan meeting as US ...

China's top diplomat Yang Jiechi met with US National Security Advisor Jake Sullivan in the Italian capital of Rome on ..

.

Monday, 16 February 2015

6 ways your tech is spying on you

Embedded data: Foreign tourists taking a selfie with red roses on display for Valentines Day outside a shopping mall in Bangkok, Thailand. Exif data in your pictures can contain a lot of information about where you have been. — EPA

Compared with what’s already happening, Samsung’s warning not to discuss sensitive issues in front of its TVs seems pretty tame. But you can fight back.

SO, your TV might be spying on you. It probably just wanted to join in with the rest of the technology in your life because, let’s face it: if you live in the 21st century you’re probably monitored by half a dozen companies from the moment you wake up to the moment you go to sleep. (And if you wear a sleep tracker, it doesn’t even stop then.)

Compared with some of the technology that keeps a beady eye fixed on you, the news that Samsung’s privacy policy warns customers not to discuss sensitive information in front of their smart TVs is actually fairly tame. The warning relates to a voice-recognition feature that has to be explicitly invoked, and which only begins transmitting data when you say the activation phrase “hi, TV.”

But other tech that spies on you might not be so genteel. The uncomfortable fact is that your personal data is just another way to pay for products and services these days.

The adage “if you are not paying for it, you’re not the customer; you’re the product being sold” was coined in 2010, a lifetime ago in web terms, but it’s as true today as it always has been.

What’s changed now, though, is the number of ways companies are discovering to make sharing our data with them not something we grudgingly accept, but enthusiastically embrace.

Sure, they tell us, you can turn it off. But do you really want to?

1. Facebook’s “like” button

Even if you don’t use Facebook, you will have seen the company’s “like” button springing up in more and more places around the Internet, like a nasty case of chicken pox. If you click on it, you can like the page of a company, person or brand, all without leaving the website you’re on.

The uncomfortable fact is that your personal data is just another way to pay for products and services.

And then there’s Facebook share buttons and Facebook comments, both of which hook in to the company’s servers to provide their own features.

But it’s a two-way relationship: the price you pay for being able to interact with Facebook even without going to their website is that they can see the other websites you’re on, following you around the Internet and using that information to better target ads and content to you back on the mothership.

How to stop it: if you log out of Facebook when you’re done, the site’s ability to track your browsing is severely hampered. Of course, equally hampered is your ability to like things and comment on posts. Are you happy making that trade-off?

2. Smartphone location services

If you have an iPhone, try this: click on settings, then privacy, then location ­services, system services and frequent locations. You’ll notice a list of all the cities you’re in regularly.

Click on any specific city, and you’ll find that your phone knows all the locations you frequently visit. For me, that includes my home, local tube station and office, and also the pub I play Netrunner in, the house of one of my best friends and the comics shop I frequent.

Don’t feel smug if you use Android instead: Google keeps just as copious notes on your location and, unlike Apple, it is stored in the Cloud, where it can theoretically be subpoenaed by law enforcement or accessed by a suspicious partner who happens to know your password.

How to turn it off: both companies let you turn off location histories from the same pages you can look at yours. But if you do that, they’ll get a lot worse at giving you accurate and useful location suggestions. There’s that pesky trade-off again.

3. Uber

Perhaps it’s no surprise that a company that sells you cheap cabs through a slick app keeps data on your journeys. And that data is well-used by Uber to reassure customers that their journey is safe: the company will show you your ride history as well as information about your driver which can be crucial for solving disputes or, if the worst happens, ensuring justice.

But Uber hasn’t got the best history of using that data well. The company has had to apologise before for accessing a jour­nalist’s journey details in order to make rhetorical points, as well as remove a piece of “data journalism” looking at ride histories in aggregate to find out how many of their customers were using the service for one-night stands. They titled the post “rides of glory”.

How to turn it off: the best way would be not to use Uber. But there’s that trade-off again: old-school taxis, whether hailed from the street or called from a dispatch office, are going to end up charging you a lot more for your newly anonymous journey.

4. Mobile phone networks

Your mobile phone works by sending encrypted communications to and from masts, known as “cells”. Of course, especially in a built-up area, there’s likely to be more than one cell in range of your phone at any given time, and things would get confusing if they were all trying to run the call at the same time.

So your phone pairs with one particular cell, and “hands off” to a new one when you move around (the annoying clicks you get if you leave a phone next to an unshielded speaker is your phone checking in with a cell, to confirm it’s still alive).

If you’ve been paying attention, you’ll realise what this means: your mobile phone network has a record of where you’ve been, accurate to at least the range of the closest phone tower.

In practice, it’s probably quite a bit more accurate than that, as they can triangulate in using information from other towers in your area.

How to turn it off: stop using a mobile phone. Seriously, this one isn’t going away. If you’ve got a removable battery, you can try taking that out when you don’t want to be tracked, but whenever you turn your phone back on, your mobile phone network is going to know where you are.

5. Exif data in your pictures

Did you know that digital photographs contain information about the picture? Known as Exif data, the standard was ­created to hold stuff that photographers might find useful to know alongside the image, such as the focal length and aperture they used while taking it.

It’s used by professionals to embed contact information and copyright details, as well.

Of course, as with most standards, there’s been a bit of feature-­creep, and these days, Exif data can contain a whole lot more information.

In fact, if you’ve taken a picture with a smartphone, or even a modern digital ­camera, there’s a good chance that the picture records where it was taken using the built-in GPS.

That’s great for building maps of your holidays, but not so good if you’re trading snaps with strangers.

How to turn it off: most ­cameras let you disable embedding location data in the files, but the good news is that social networks are one step ahead of you – and this time, they’re on your side. Facebook and Twitter both strip the metadata from ­images uploaded to the site, causing a headache for users who need the extra information but protecting those who don’t know that they’re uploading potentially sensitive data.

6. Facial recognition

Have you ever used Facebook’s tag suggest feature? The social network can scan through your uploaded pictures to find ones with friends who haven’t been tagged, and offer you suggestions for who to add.

It’s a wonderful time-saver over doing it the manual way, even if careless use can lead to some social faux pas (try to avoid tagging someone you don’t like just because they’re in the background of another picture).

But Facebook, and Google – which offers a similar feature – can only do that because it’s been running facial-recognition software on photos uploaded to the site for years.

In September 2012, Facebook was even forced to disable the feature after the Irish data protection commissioner scolded it for doing so without permission.

How to turn it off: try to avoid being in photos or having friends. Easy! — ©Guardian News & Media Ltd, 2015

By Alex Hern Sunday Star

Wednesday, 4 June 2014

Foreign tech firms pose threat on Internet; World's largest Internet hacker

Companies asked by Washington to use online services to spy on customers

Foreign technology services providers such as Google and Apple can become cybersecurity threats to Chinese users, security analysts said, one week after China announced that it will put in place a security review on imported technology equipment.

Other major tech companies, such as Yahoo, Cisco, Microsoft and Facebook, were required by the US National Security Agency to transfer their users' information, according to Wan Tao, founder of Intelligence Defense Friends Laboratory, an independent institution focusing on cybersecurity in China.

Wan said that online services have become a major way for the US to steal information globally.

Foreign tech firms pose threat on Internet
Foreign tech firms pose threat on Internet
Ning Jiajun, a senior researcher at the Advisory Committee for State Informatization, said, "Previously, the US asked companies to install wiretapping software on their technological products, but if users found and shut down related functions, its 'plan' would fail," he said.

For instance, information on a Chinese organization can be stolen when it places an order on an international shopping website, he said.

With technologies such as cloud computing and big data getting popular, information can be collected and analyzed immediately, which means the damage can be much greater and more difficult to prevent, analysts said.

"It can be said that those who master online services can get more information in cyberspace," said Du Yuejin, director at the National Engineering Laboratory for Cyber Security Emergency Response Technology.

Last month, China's Internet Media Research Center issued a report saying the NSA makes use of large technology companies for its wiretapping plans, including Prism, which was unmasked by former NSA intelligence leaker Edward Snowden, asking them to collect information on their users and urging them to hand in the data regularly.

The report also said that the NSA has taken iOS and Android, two leading mobile operating systems applied to iPhone and Samsung, as the "gold mine" of data.

The NSA grabbed users' information and stored most of it for analysis by invading database and communication networks of Yahoo and Google, while it has also controlled applications on smartphones with Britain, said the report released at the end of May.

"The US, in fact, could get these users' information or conduct the wiretapping by attacking the network instead of 'cooperating' with the enterprises, but it might take more time and money," said Wan.

The actions of the NSA have put huge pressure on US technology companies, as customers from Paris to Sao Paulo and from Beijing to Berlin worry about their privacy being invaded.

US President Barack Obama held two discussions with CEOs of major US technology companies in the past six months about the NSA snooping, which led to a "reform" of the NSA to focus on protecting US citizens' privacy, but with little improvement on foreign organizations and citizens.

In May, John Chambers, chairman and CEO of Cisco Systems, wrote a letter to Obama urging Washington to stop using the company for surveillance of its customers, according to an Al Jazeera report.

Foreign tech firms pose threat on Internet
Web security firms pledge to patch XP 'vulnerability' 
Foreign tech firms pose threat on Internet
IBM 'unaware' of server ban 

- Contributed By CAO YIN (China Daily)

World's largest Internet hacker

The spying actions of the US have underscored the urgency of formulating common rules for activities in cyberspace

Last month, the United States Attorney-General Eric Holder announced the indictments of five Chinese military personnel on cyber espionage charges, accusing them of hacking into US companies in the nuclear power, metals and solar products industries. This has seriously compromised relations with China and sabotaged the bilateral cybersecurity cooperation that had been put back onto a normal track after overcoming setbacks.

With the indictments, the US has tried to present itself as the largest victim of cyberattacks, when in fact it is the Cold War mentality and troublemaking of the US that have precipitated the instability and insecurity in cyberspace. If the US doesn't change its behavior, all peoples in the world may become victims of Internet insecurity.

In June 2013, Edward Snowden, a former US National Security Bureau contractor, revealed US intelligence agencies were conducting large-scale network spy programs, such as PRISM, Xkeyscore and others, across the world. His disclosures indicated the omnipotence of the US' Internet surveillance and cyberattacks, which range from spying on communication metadata and backbone networks to the monitoring of short message services, instant messaging and video chats; from spying on ordinary people to spying on enterprises, universities, military units and even heads of state, not to mention the revelations about the US' cyber warfare capabilities.

Aside from its cyber command that has been rapidly growing, the US' marine, land and air forces have also set up their own cyber headquarters. Cyber combat capabilities are already regarded as part of the weaponry of the US' fighting forces. A series of US cyber combat programs have been revealed, from Stuxnet to Fslame and X-Plan, all of which indicate that the US has mastered more complicated means and more threatening abilities than other countries in terms of cyberattacks.

The latest indictments against the five Chinese military personnel have also reminded people of a series of previous cyber espionage claims against China by the US. In February 2013, Mandiant, a US cybersecurity firm, released a report accusing China's military of plotting hacker attacks against US enterprises. After that, many in the US, including the president and senior government officials, expressed a tough stance toward China and threatened economic sanctions against it. Some even suggested that US enterprises "hacked" by China should make cyber counterattacks in retaliation. Such groundless accusations of Chinese cyberattacks have drastically tainted the US' domestic political environment toward China and also frozen cybersecurity cooperation between the two countries.

The Chinese government has consistently advocated a new type of major-power relations with the US, and it has refrained from overreacting to Washington's "threatening signals". Even after the Snowden revelations, the Chinese government still adhered to the principles of no-conflict, no-confrontation, mutual respect and mutually beneficial cooperation, and it is actively pushing for cooperation with the US in cybersecurity and working for the establishment of a cybersecurity work panel under the Sino-US Strategic and Economic Dialogue framework.

All the evidence indicates that it is the US that is the world's largest Internet hacker and that the global cyber arms race triggered by the US' actions poses the largest threat to global cybersecurity. The US has so far cited "for the sake of national security" as the only excuse for its pervasive Internet espionage. The US should know that a country cannot put its national security above the interests and national security of other countries and the basic norms of international relations. The double standards the US has embraced in cybersecurity have damaged its credibility and compromised its image as a responsible power.

To enjoy the dividends of the booming Internet sector and communication technologies, cyberspace must be peaceful, safe, open and cooperative. Cyberspace should not be a field for either a cold or hot war, and the latest developments have once again underscored the importance and urgency for formulating common rules for cyber activities.

The US indictments of the Chinese military personnel are not conducive to global efforts to maintain the stability and security of cyberspace. The US, by taking advantage of its technological and military dominance, has established a cyber hegemony. It is hoped the US can lead the global Internet sector to develop in a healthy direction, as it once spearheaded the progress of Internet technologies for human progress.

- Contributed By Tang Lan (China Daily) The author is deputy director of the Institute of Information and Social Development Studies, China Institutes of Contemporary International Relations.

Related posts:
 
As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...

U.S. cyber attacks, latest data published, China denies accusations...
A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chi...

  
New security structure needed: Trust, collaboration key to Asian security
Chinese president urges countries to cooperate to promote security Chinese Presi

Monday, 26 May 2014

US-China cyber-battles intensify

The United States has accused some Chinese of hacking into American companies’ computers but the US itself has been engaging in massive spying of foreign companies and trade officials.

Reports of US spying have sparked anger in many countries

WE live in a world where “spying” by electronic means is now pervasive and practically no one or institution that uses telephones, smart phones, emails and the internet is protected from intelligence gathering.

This much we know, from the media revelations emerging from files leaked by Edward Snowden, a former contractor with the US National Security Agency.

They showed that the US has been tapping the telephones and emails of Americans and others around the world in a sweeping and systematic way.

It was revealed that even the top political leaders of Germany, Indonesia and Brazil had their mobile phones tapped, leading their countries to protest against such a bold intrusion of privacy and national security.

Last week, the intelligence issue was highlighted again when the US Justice Department indicted five individuals who are members of the Chinese People’s Liberation Army.

They were accused of hacking into the computers of American companies in the nuclear power, steel, aluminium and solar power industries to obtain trade secrets for the benefit of Chinese state owned enterprises.

A Chinese foreign ministry spokesman denounced the allegations as baseless and said China “never engages in the activity of stealing commercial secrets through the internet”, and accused the US of hypocrisy.

It is common knowledge that intelligence agencies use all kinds of devices to gather information and spy on foreigners as well as their own citizens.

The US has the most sophisticated system with the broadest coverage, as the Snowden files revealed.

By charging China of spying on specific American companies for the commercial benefit of Chinese enterprises, the US was trying to draw a very fine line.

It would have been clearly double standards to accuse other countries of spying on government personalities or agencies or on civilians, as the US itself has been shown to be more systematically doing this than any other country.

In announcing the indictment on the five Chinese, the US Attorney General said the hacking was conducted to advantage Chinese enterprises, a tactic that the US denounces.

“We do not collect intelligence to provide a competitive advantage to US companies, or US commercial sectors.”

But in fact the US does spy on companies and trade policy makers and negotiators of other countries, presumably in order to obtain a commercial advantage.

Two articles by David Sanger in the New York Times last week commented on the “fine line” the US attempts to draw between spying for the benefit of specific companies, and for overall commercial advantage.

He gave examples of revelations of US agencies targeting foreign companies.

These include Huawei, a major Chinese internet and communications company.

According to his article, the Snowden documents showed that one purpose of this spying was to “get inside Huawei’s systems and use them to spy on countries that buy the company’s equipment.

“Huawei officials said they failed to understand how that differed meaningfully from what the United States has accused the Chinese of doing.

The US agency also hacked into the computers of Petrobras, Brazil’s national oil company, which has data on Brazil’s offshore oil reserves and perhaps its plans for allocating licences for exploration to foreign companies. State owned oil companies in Saudi Arabia, Mexico, Africa are also intelligence targets.

The NSA also went into the computers of China Telecom, one of the largest providers of mobile phone and Internet services in Chinese cities, and Pacnet, the Hong Kong-based operator of undersea fibre optic cables.

“Once inside those companies’ proprietary technology, the NSA would have access to millions of daily conversations and emails that never touch American shores,” said Sanger.

The NSA spied on Joaquín Almunia, the antitrust commissioner of the European Commission, who had brought charges against several US companies.

In each of these cases, American officials insist the US was never acting on behalf of specific American companies, but the government does not deny it routinely spies to advance American economic advantage as part of national security, said the Sanger article.

This includes spying on European or Asian trade negotiators, using the results to help American trade officials and thus the American industries and workers they are trying to bolster.

According to Sanger, the United States spies regularly for economic advantage when the goal is to support trade talks. When the US was negotiating in the 1990s to reach an accord with Japan, it bugged the Japanese negotiator’s limousine and the main beneficiaries would have been US auto companies and parts suppliers.

The US is also “widely believed to be using intelligence in support of trade negotiations underway with European and Asian trading partners. But in the view of a succession of Democratic and Republican administrations, that is fair game.”

An earlier New York Times article, citing Snowden documents, also revealed that the US and Australian agencies gathered intelligence on Indonesia and a law firm acting for it during US-Indonesia trade negotiations.

This line the US is attempting to draw between what is illegitimate (spying to benefit particular companies) and legitimate (spying to broadly benefit companies and the economy) is not appreciated nor accepted by other countries.

The views expressed are entirely the writer's own.

Contributed by Global Trends Martin Khor
Martin Khor is the Executive Director of the South Centre since 1 March 2009. He replaced Dr. Yash Tandon who was the Executive Director of the South Centre from 2005-2009
 
Related posts:

As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...

U.S. cyber attacks, latest data published, China denies accusations...
A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chi...

  
New security structure needed: Trust, collaboration key to Asian security
Chinese president urges countries to cooperate to promote security Chinese President Xi Jinping says the 4th Co...

Thursday, 22 May 2014

New security structure needed: Trust, collaboration key to Asian security




The fourth summit of the Conference on Interaction and Confidence Building Measures in Asia (CICA), under the theme of "enhancing dialogue, confidence and coordination, and on jointly constructing a new Asia with peace, stability and cooperation," was held in Shanghai Wednesday. Chinese President Xi Jinping delivered a keynote speech calling for a proactive outlook on Asian security and a new security cooperation framework. The intertwined key words have sketched the contours of this summit.

When it comes to Asia, scholars from all around the world will focus on two phenomena: economic growth and security dilemma. The economic development of Asia has promoted the interdependence and integration of interests among nations in this region, which constitute the resources of Asian security at the present stage. Meanwhile, many Asian countries feel insecure, which has little to do with a country's size and strength. Though it is a large and powerful Asian state, China doesn't have a better sense of security than smaller countries.

With a myriad of leftover conundrums, Asian countries have become interest-conscious as quickly as economic growth. Nonetheless, Asia is in dire need of an efficient security mechanism as well as common consensus to achieve it.

Asia has long been affected by external forces and in particular the US to a large degree. Washington has forged military alliances with several Asian countries and sometimes targeted a third party, making it all the more difficult for Asia to entirely cast off the specter of the Cold War. The US "rebalancing to Asia" policy conforms to its global strategy, inevitably increasing the cost of achieving Asian security.

Across the fairly intricate tapestry of Asian security, there is no difference between small and big powers in terms of security guarantee. Various messages further fuel contradictions and disorders in the region and add to strategic uncertainty.

Asian countries need to distinguish between realities and wishes and learn to compromise. It is unrealistic for some countries to quit counting on Washington in the short term but all Asian nations should recognize Uncle Sam cannot tide them over the security dilemma. Therefore, they should divert more attention to coordinating security concerns among themselves.

Security in Asia will eventually be realized through increasing mutual trust and cooperation in this region. We welcome external powers to play a constructive role in this process but object to their biased interference that will only increase the possibility of regional conflicts.

China is a rarely patient country in the world and spares no efforts to promote peace, which is a starting point and pillar for permanent peace in Asia. Resolution to safeguard peace may constitute the invisible bottom line despite numerous potential flashpoints in Asian security. - Global Times

Related:

China to advance CICA security role in Asia


 China to advance CICA security role in Asia

 Shanghai, a traditional financial center in Asia, will witness a new security framework that could change the global political structure.

 

US cyber charge ridiculous

The Obama government will now be forever remembered not just as the "we spy" government but as the "we spy and lie" government.

 Spy charges expose U.S. cyber hegemony mentality

The United States has indulged in its cyber hegemony mentality again as it filed ungrounded commercial cyber espionage charges against five Chinese military officers.

Chinese envoy accuses US of hypocrisy on indicting Chinese for Internet espionage

Chinese Ambassador Cui Tiankai on May 20 accused the United States of hypocrisy for charging five Chinese nationals of alleged commercial espionage, citing Edward Snowden's revelations of US spying operations worldwide.

Related posts:

A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chinese... 


As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...