A recent academic report claims that China has been routinely and systematically hijacking internet traffic from the United States, Canada, Europe and other countries through security flaws in the deep structure of the internet. To put it simply, somebody in Beijing may be receiving and reading your emails before you do, as well as capturing your passwords and other personal data from websites you visit.
The report is “China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking,” by Chris C Demchak of the US Naval War College and Yuval Shavitt of Tel Aviv University. It appeared in a peer-reviewed journal published annually by the Military Cyber Professionals Association.
The report alleges that a voluntary US-China 2016 agreement, which aimed to stop military forces from hacking commercial enterprises for economic gain, has appeared to reduce Chinese internet theft against western targets. However, as the report also notes, China’s technological development still continues to be “dependent on massive expropriation of foreign R&D.”
The report documents one way in which that is carried out.
An ‘innocuous player’
As Chinese companies such as Huawei and ZTE are viewed with suspicion in the West, the Chinese government has chosen what the researchers call “a seemingly innocuous player” to reroute, or hijack, internet traffic. The so-called “innocuous player” is state-owned China Telecom, a telecoms giant with close to 300,000 employees.
To understand how China Telecom has been able to divert internet traffic to China and copy it, as the report claims, it is necessary to delve briefly into the obscure world of the internet’s foundational infrastructure.
Essentially, China Telecom has numerous Points of Presence (PoP) in the US and Europe. Think of a PoP as a delivery system that ensures that “packages” sent via the internet reach their intended destinations as efficiently as possible. They are delivery services that connect all the smaller networks that comprise the overall internet.
The small networks are called autonomous systems and could be anything from banks and tech giants to your local Internet Service Provider.
On the other hand, overseas telecoms are barred from operating PoPs in China. The country has just three gateways, in Beijing, Shanghai and Hong Kong. This protects China’s domestic traffic from foreign hijacking.
Meanwhile, enter Border Gateway Protocol (BGP) – the key Internet routing protocol for connecting the innumerable autonomous systems that comprise the internet.
Insecure protocol
“BGP is a notoriously insecure protocol used to route internet traffic,” comments Cory Doctorow, a respected technology pundit. Doctorow continues: “By design it is dynamic and responsive, moving traffic away from congested routes and onto those with more capacity: this flexibility can be exploited to force traffic to route through surveillance chokepoints.”
BGP was developed in 1989 – when the internet was generally perceived as an emergent technology bringing the world closer together. It was also the same year that the internet first began to be used in China. In fact, the country did not start to fully implement the internet, and then only on a negligible scale, until 1994, when China was still widely regarded as a benign backwater.
China is rightly no longer regarded as benign or a backwater, and its hijacking activities are difficult to detect. China Telecom has multiple points of presence (PoPs) in North America and Europe, and rerouting traffic via ultra-fast fiber-optic cables makes the delays almost unnoticeable.
All the same, the report is not exactly news. BGP exploits are probably more common than is generally realized and are probably used by all state players capable of doing so, notably Russia.
But China is regarded as a particularly egregious player. In 2010, for example, the US-China Economic and Security Commission reported to the US Congress on such “hijacks” in a 300-page report that included information on an incident in which 15% of global internet traffic suddenly started to pass through Chinese servers en route to its intended destinations, according to Ars Technica, a technology-focused news website.
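Even when the added delay is unnoticeable, rerouting of this kind leaves a trace in the BGP announcements themselves. The following is an added example, not taken from the report or this article: a small check a network operator could run over announcements seen by a route collector. The baseline, AS numbers, prefixes and alert names are constructed for illustration.

```python
import ipaddress

# Constructed baseline for one monitored network: its prefix, the AS that
# legitimately originates it, and the transit ASes normally seen on paths to it.
# ASNs 64496-64511 and these prefixes are reserved documentation values.
BASELINE = {
    "prefix": ipaddress.ip_network("203.0.113.0/24"),
    "origin": 64500,
    "known_transit": {64496, 64497},
}

# Constructed BGP announcements as a route collector might report them:
# (collector peer AS, announced prefix, AS path from the peer to the origin).
UPDATES = [
    (64496, "203.0.113.0/24", [64496, 64497, 64500]),         # normal
    (64496, "203.0.113.0/24", [64496, 64510, 64497, 64500]),  # new AS on path
    (64498, "203.0.113.0/24", [64498, 64511]),                # wrong origin
    (64498, "203.0.113.128/25", [64498, 64511]),              # more specific
    (64496, "198.51.100.0/24", [64496, 64499]),               # unrelated
]

def classify(update, baseline=BASELINE):
    """Return a list of alert strings for one announcement (empty if clean)."""
    _peer, prefix_text, path = update
    prefix = ipaddress.ip_network(prefix_text)
    monitored = baseline["prefix"]
    if not prefix.subnet_of(monitored):
        return []                      # not our address space
    alerts = []
    if prefix.prefixlen > monitored.prefixlen:
        # Longest-prefix match means a more specific route attracts the traffic.
        alerts.append("more-specific")
    origin = path[-1]                  # the last AS in the path originates the route
    if origin != baseline["origin"]:
        alerts.append("origin-change")
    else:
        # Correct origin, but check every AS between the peer and the origin.
        unknown = set(path[:-1]) - baseline["known_transit"]
        if unknown:
            alerts.append("new-transit:" + ",".join(map(str, sorted(unknown))))
    return alerts

def scan(updates=UPDATES):
    """Map each suspicious announcement's index to its alerts."""
    return {i: a for i, u in enumerate(updates) if (a := classify(u))}

if __name__ == "__main__":
    for index, alerts in scan().items():
        print(UPDATES[index], "->", alerts)
```

A "new-transit" alert is only a prompt to investigate, since legitimate routing changes also introduce new ASes on a path.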
Malicious intent
This would be less problematic if all internet traffic were highly encrypted. Unfortunately, some of it is not. But as the researchers also note: “If diverted and copied for even small amounts of time, even encrypted traffic can be broken.”
In the meantime, the attacks continue and will likely keep doing so. The researchers describe the hijacks as “repetitive,” suggesting “malicious intent.”
Events documented by the report include a six-month period from February 2016, when traffic from Canada to South Korea was “hijacked by China Telecom and routed through China,” and a similar incident in which traffic from several locations in the US to “a large Anglo-American bank headquarters in Milan, Italy was hijacked by China Telecom to China.”
If there is any key takeaway from reports such as this, it is that the internet, which has revolutionized modern life, was built on trust. We now live in untrusting times.
Yashad Rizvi that is that I wonder myself that this dumb Chinese idiot hates the whites but prefers to live in a white man’s country instead of his wonderful Chinese motherland.
Most of the emails are useless and worthless, they can come and read anytime they want my emails, because there is no money in it.
Yashad Rizvi I’ve always said, at least a dozen times here, the CCP and its members and families should be much more powerful, richer, and Machiavellian to ensure a long, stable, and prosperous China. Not doing so is how the Cao clan lost Wei to the Sima clan. Got it? hahahahha
Rudi Matich Agreed. Maybe his daughters prefer larger limbed Americans.
US hacking everyone mainly caused by the mess they visit upon the folks in the Middle East which in turn caused those ME folks to turn on the west which the west then made it everyone's problem which according to them, gave them the right to hack everyone else. This is not unlike the gangster asking for protection monies from themselves.
WuKong Sun I am sure your masters reward you well. And happily send you off to die on the larger Western weapons for your stupidity and their wealth.
Chinese have very small weapons.
While Chinese just detain the Uighurs and Tibetans. Who are the gangsters in China, the CCP!
Yashad Rizvi can't be worse than those Palestinians being hemmed in on a strip of land, bombed, utilities stopped or kids being randomly shot at by plastic bullets by the Israelis fully OK'd by the US? Or the Yemenis being bombed by US made rockets and trying their comical best to dig the idiotic Saudis out of all kinds of sh*thole they tend to dig themselves into? Money and strategic importance do talk. Uighurs? Judging by your past comments you should stop shedding crocodile tears. There would be a time when they would be like the Huis and live peacefully instead of being angsty all the time. Articles abound about the US intending to turn these Uighurs into the Chinese Afghanistan. Tibetans? I like to visit that place first. I do agree though the CCP may have some useless deadbeat gangsters in their ranks but they are consistently being outgangsterised by the Trump admin. hehe
China may be reading your email or maybe not. But we do know for sure that the NSA is reading your email, tracking our FB and all other social media communication. But no worries, Americans are the good guys. Like doh.