Information Warfare: Little Boxes From China

Archives

August 9, 2012: Chinese telecommunications firms, especially giants like Huawei and ZTE, have grown huge because they supplied most of the networking gear needed to put over a third of Chinese on the Internet. Twelve years ago only two percent of Chinese had internet access, now over 34 percent do. That's over 400 million people. Huawei and ZTE began exporting early on and have been very successful in Africa and Asia. But in the West there is fear that the Chinese Internet hardware producers, because they have close ties with the Chinese military, could be slipping special (secret from the users) features that would help China shut down, monitor, or control Internet traffic in countries using Chinese hardware.

It's not just a Western thing. Two years ago, fearful of spyware embedded in hardware and software, India banned the importation of cell phone equipment from major Chinese manufacturers (Huawei, ZTE, Acelink, and UT Starcom). These firms have come to dominate the Indian market, largely because of low prices and acceptable quality. But Indian intelligence officials, without revealing any details, pushed for the ban. There had been an earlier ban on cell phones themselves, but the new ban also covered Chinese central office gear, which runs the cell phone networks. In theory, Chinese intelligence could have this equipment modified with secret (but not impossible to find) features that allowed Chinese operatives to gain secret access to Indian cell phone networks, either from China or inside India. No one has identified or revealed such features.

The China firms did whatever it took to keep shipments moving. And this may have had more to do with spreading around some bribes in the right places, than with actual spyware hidden in Chinese equipment. Chinese routers and other Internet gear has been scrutinized for "back doors", "kill switches", and the like but all anyone has been able to find so far is what appears to be sloppy design or programming, some of which would enable a hacker easy access to a network. To some this is a smoking gun but to others its typical and one reason why many still pay a premium to buy Japanese, South Korean, or American equipment.