Print 27 comment(s) - last by WinstonSmith.. on Nov 18 at 10:22 AM

A U.S. Congressional panel says that requests for U.S. government and corporate sites were funneled out of the U.S. and through China telecom for a brief period last year.  (Source: Mobile Phone Co.)
Redirections allowed China to gain access to U.S. citizens' web activity illegitimately

According to an upcoming report by the U.S.-China Economic and Security Review Commission, a U.S. Congressional advisory group, a major Chinese telecom succeeded in effectively hijacking U.S. internet traffic last year.

Normally web traffic is routed via the fastest route -- typically through domestic connections.  This principle of the internet has in the past helped to secure domestic traffic.  However, the greater global internet is all connected, so in theory traffic could be routed abroad through international connections to foreign routers, returning through yet more international connections to domestic servers.

Obviously this kind of routing is a tremendous security risk.  And it's reportedly exactly what happened last year.

U.S. citizens trying to access government sites, such as the U.S. Senate, the office of the secretary of defense, NASA, and the Commerce Department last year had their traffic routed through China Telecom, the third largest telecommunications company in China and a company whose major owner is the government of China.

Traffic request for several major commercial companies were also briefly rerouted, according to the report.

The rerouting may have been an example of China testing U.S. web security and gauging the nation's ability to protect its users' data requests.  If that was the case, the U.S. government failed miserably to protect its citizens' data.

The report describes, "Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities."

China Telecom did not deny the incident occurred, but did deny that it intentionally "hijacked" U.S. citizens' traffic.  A company statement reads, "The spokesman of China Telecom Corporation Limited denied any hijack of internet traffic."

Aside from the suspicious misdirection, the security report found many other troubling clues to a Chinese hand in cyberattacks and cybercrime committed against U.S. citizens and corporations.

Among its finding, it found that 28 percent of phishing scams -- false emails designed to lure users into accidentally giving up their passwords or personal information -- originated from China.  And it adds, "Anecdotal reports about the success of these activities continue to surface, some with compelling links to the Chinese government."

The report also details the theft of the incredibly valuable source code that runs Google's search engine last year -- a theft which originated in China.  The incident and the ensuing lack of cooperation from the Chinese government subsequently caused Google to briefly defy the Chinese government's censorship, before finally relenting and recensoring its search.  Some suspect that the attack was perpetrated by China's leading search engine, Baidu, and suspect that the Chinese search giant may incorporate algorithms from the code to improve its own search.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Our government will do nothing
By Yames on 11/17/2010 1:42:52 PM , Rating: 2
No on can definitively prove that it is the Chinese Govt that is behind any of the thefts, although all the anecdotal evidence points to them.

Regardless, any telco/ISP on the Internet can manipulate the routing table purposely or accidentally. It will be up to the rest of the telcos that propagate the routes from this particular one (its neighbors) to monitor and potentially deny updates from them.

RE: Our government will do nothing
By FITCamaro on 11/17/2010 2:21:05 PM , Rating: 5
You have to completely naive to believe that the Chinese government, which owns these companies, is not involved in the massive amount of cyber espionage coming out of China.

"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
Snapchat’s New Sunglasses are a Spectacle – No Pun Intended
September 24, 2016, 9:02 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki