24 October 2018

US Tech, Social Media Embolden China in Cyber War

By Larry Bell
Source Link

On Oct. 1, Vice President Mike Pence called upon U.S. companies to reconsider business practices in China that involve turning over intellectual property or "abetting Beijing’s oppression." Speaking at the Hudson Institute, he said, "For example, Google should immediately end development of the Dragonfly app that will strengthen Communist Party censorship and compromise the privacy of Chinese customers." Dragonfly is a mobile version of Google’s search engine which is being designed and tested to adhere to China’s strict citizen censorship program. In response, a spokeswoman for Google, a unit of Alphabet Inc., simply referred to a previous statement that described the company’s work as exploratory and "not close to launching a search product in China."


During the same talk, Pence accused China of seeking to "foster a culture of censorship" in academia. In doing so the vice president referenced Ms. Yang Shuping, a University of Maryland student from China who, along with her family, became a target of criticism there after praising the "fresh air of free speech" in America.

Google’s social media censorship collaboration with China becomes ever more troubling as that country now aggressively extends cyber spying beyond their own borders. Recent Chinese cybersecurity rules give their authorities sweeping powers to inspect proprietary technology and information of all foreign businesses dealing with Chinese operations which "may endanger national security, public safety and social order." Those categories provide carte blanche opportunities to be interpreted any way they deem useful.

The cybersecurity law also mandates internal security checks on technology products that are critical industries such as banking and telecommunications. Foreign companies operating in China are to be held responsible for allowing prohibited information to circulate online. Internet service providers must also provide "technical support" to authorities during national security or criminal investigations.

In addition, the law mandates that all companies working in China store their data there. This requirement enables Beijing to force the disclosure of source codes and other corporate secrets purportedly to prove their equipment is secure, information which they can then leak to domestic competitors.

In dutiful compliance, Microsoft Corp. has opened what it calls a “transparency center” in Beijing where officials can test its products for security. Apple Inc. is building a data center in the province of Guizhou to comply with rules requiring cloud data from Chinese customers to be stored in China. And in anticipation of the law, Amazon transferred operational control of its Beijing data center to its local partner, Beijing Sinney for a payment of about $300 million.

Any information that can’t be coerced or bribed from American companies China is remarkably well positioned to steal. Bloomberg Newsweek reported that in 2015 Amazon.com Inc. began quietly evaluating a potential acquisition startup called Elemental Technologies, a producer of software for compressing massive video files for use onboard the International Space Station, CIA drones, naval warships, DOD computers, and a variety of other security-sensitive applications.

Amazon Web Services (AWS) was interested at the time in using Elemental Tech for highly secure cloud servers being assembled for them by Super Micro Computer Inc. (Supermicro), one of the world’s biggest suppliers of server motherboards. These are the fiberglass-mounted clusters of chips and capacitors that act as the neurons of large and small data centers.

According to Newsweek, AWS became surprised to discover tiny secret microchips about the size of a grain of rice nested in some of the server motherboards. They were later traced to a unit of the People’s Liberation Army operating out of four Chinese computer parts subcontracting companies.

Although very small, the inserts enabled the devices to communicate with other anonymous computers elsewhere on the Internet loaded with a more complex codes. This enabled hackers to alter those codes so that servers won’t check for passwords, to steal security encryption keys, to block security updates that would detect and neutralize the attacks, and to open up additional stealth pathways to the Internet.

Newsweek asserts that although Amazon denied the discovery claims, the disclaimers were countered by six current and former senior national security officials who provided details.

However, no consumer data is known to have been stolen.

Those stealth chips discovered in Supermicro devices were crude compared with far more sophisticated designs an Amazon security team found in altered motherboards being assembled in AWS’s Beijing facilities. Some were thin enough to be embedded between layers of fiberglass upon which components were attached.

Others were smaller than a sharpened pencil tip.

As Newsweek noted, few companies have the resources of Apple and Amazon, and it took some luck even for them to spot the problem: "This stuff is at the cutting edge of the cutting edge, and there is no easy technological solution."

So long as American AI tech and social media companies support China, that weaponized cutting edge will become ever more deadly.

Larry Bell is an endowed professor of space architecture at the University of Houston where he founded the Sasakawa International Center for Space Architecture (SICSA) and the graduate program in space architecture. He is the author of several books, including “Thinking Whole: Rejecting Half-Witted Left & Right Brain Limitations” (2018), “Reflections on Oceans and Puddles: One Hundred Reasons to be Enthusiastic, Grateful and Hopeful” (2017), “Cosmic Musings: Contemplating Life Beyond Self” (2016), and "Scared Witless: Prophets and Profits of Climate Doom" (2015). He is currently working on a new book with Buzz Aldrin, "Beyond Footprints and Flagpoles." — Click Here Now.

No comments: