19 July 2022

Alibaba And The Data Thieves: Chinese Authorities Scramble to Plug Leaks after Massive Cyber Breach

Bhaswati Guha Majumder

In the past few years, along with Russia and North Korea, several cyberthreat reports have highlighted China’s name for sponsoring cyberattacks, targeting several countries all around the world. But now it looks like the Chinese Communist Party (CCP)-ruled country has tasted its own medicine since reports have claimed that it faced a massive cyberattack that caused the data leak of more than 1 billion Chinese people.

As soon as the reports went viral, earlier this month, experts stated that if this news is true, then it would make this particular incident one of the biggest data breaches in the world’s history.

It was found that an anonymous hacker gained access to the Shanghai police’s database and, for more than a year, the dashboard for maintaining the database was accessible online without a password, making it simple to browse and recover its contents.

Later, cybersecurity experts said that the data had been kept on Alibaba’s cloud servers, ostensibly by the Shanghai police. It was also claimed that researchers examining the leaked data have identified hallmarks of Alibaba’s cloud service, including the hosting service’s domain name.

According to a report by the Wall Street Journal, cybersecurity experts claimed that for more than a year, a dashboard for maintaining the database was accessible online without a password, making it simple to browse and recover its contents.

So now, the Shanghai authorities have summoned the Chinese tech giant’s cloud division, Aliyun.

CENSORING ONLINE DISCUSSION

People who know how China functions are quite aware of the fact that Beijing effectively silences those voices which either criticise the CCP government or discuss openly any kind of authoritarian failure. For example, late Chinese doctor Li Wenliang, who is now known as the whistleblower of the Covid-19 pandemic, became a target of the authorities after he attempted to tell the citizens about the virus.

Now once again, reports revealed that after the data leak news became public, Chinese authorities reportedly began to quiet online discussions. It happened after a self-proclaimed hacker, “ChinaDan”, offered to sell a massive trove of data, 23TB for 10 bitcoin or the equivalent of about $200,000.

But then, it was reported that the posts and hashtags related to discussions concerning the veracity of the claimed breach were apparently suppressed soon after they surfaced. Popular hashtags like “data leak" and “1 billion citizens’ records leak" could no longer be accessed on the Chinese social media site Weibo.

Meanwhile, WeChat, a popular Chinese messaging service, is said to have taken down posts describing the hack’s potential consequences for Chinese individuals whose personal information was exposed.

Similarly, only a few results for a data breach were reportedly shown by the Chinese search engine Baidu.

Such censorships probably happen because of Beijing’s ultimate moto to portray the country as the supreme powerhouse and one idea which can be termed as “what happens in China, stays in China".

CONCERNED CABINET

Even two weeks after the alleged hacker attempted to sell the massive amount of stolen personal information, including names, phone numbers, addresses, and criminal records, officials in Shanghai and the Cyberspace Administration of China have not publicly commented on the high-profile issue.

But the data leak has also occurred at a time when Chinese President Xi Jinping is just months away from perhaps winning an unprecedented third term. So this incident not only shocked the authorities but also forced the cabinet to focus on the country’s cybersecurity.

Premier Li Keqiang stressed the importance of improving security management provisions, increasing protection capabilities, and protecting personal information, privacy, as well as economic confidentiality in accordance with the law during a State Council meeting, according to local media reports.

Though there was no mention of the massive data breach, the timing of this meeting and the topic which the cabinet has discussed indicates that the authorities are concerned regarding cybersecurity.

However, it should be noted that on January 4 this year, the Cyberspace Administration of China in collaboration with 12 other government agencies released the New Measures for Cybersecurity Review.

The New Measures update the “Measures for Cybersecurity Review” (Draft Revision for Comments) announced on July 10, 2021, and took effect on February 15, 2022.

It was also reported several times that there also are concerns about national security because many platform businesses retain a lot of their customers’ personal data, particularly if foreign agencies or organisations may access this data.

For example, Chinese regulators took action against ride-hailing giant Didi soon after its US listing. Four days after its initial public offering on the New York Stock Exchange, Didi’s app was blocked due to suspicions of unauthorised user data collecting.
TECH COMPANIES

When it comes to the tech industry of China, it has been one of the main targets of a campaign against monopolistic behaviour that began in late 2020, when Ant Group, e-commerce giant Alibaba’s fintech affiliate, had its anticipated high-profile IPO in Hong Kong and Shanghai halted by regulators.

This crackdown affected Alibaba’s market capitalisation.

Now after the Shanghai authorities summoned Aliyun, Alibaba’s shares were down as much as 5.8% in Hong Kong on July 15.

This investigation once again triggers concern among the investors, as they worry that the incident may have an impact on future cloud service rules in China, which might harm some of the biggest companies in the country.

There are also talks about the usage of “state-backed cloud systems” and as per the reports, this shift is already ongoing. For example, local governments in places like Nantong and large corporations like the China Construction Bank were already utilising state-backed cloud infrastructure.

In the case of Aliyun, the Ministry of Industry and Information Technology criticised it last year for failing to notify the government of a software flaw in a timely manner. This incident affected the company’s overall reputation.

After that, the Chinese ministry put a six-month halt on its collaboration with Aliyun on a cybersecurity information-sharing platform.

Meanwhile, Alibaba temporarily disabled access following the disclosure of the data theft and started an internal investigation into the incident, which included examining the database architecture and configurations for their agreements with customers, particularly those with governmental and financial institutions.

All this chaos in China has occurred at a time when in India, the Enforcement Directorate (ED), the Income Tax (I-T) department, and the Directorate of Revenue Intelligence (DRI) are investigating Chinese tech companies. The latest one to come on the radar is Oppo.

Additionally, due to national security concerns, the Government of India also banned over 267 China-based apps in the country including TikTok, Shareit, UC Browser, Likee, WeChat, Weibo, PUBG Mobile, PUBG Mobile Lite, and Alipay.

While these investigations linked to Chinese tech companies may appear unrelated, these are not.

It is understood that the stand-off between the Indian Army and Chinese soldiers at the Line of Actual Control (LAC), in eastern Ladakh and the clashes between the two armies at the Galwan Valley are at the core of the issue.

Since the two nations’ stand-off, the Indian government has expanded its surveillance of Chinese enterprises and the Indian subsidiaries of those companies, leading to numerous inquiries and investigations.

Moreover, it was also reported earlier this year that a massive amount of personal information was being collected by Chinese enterprises under investigation in India for tax evasion and questionable financing, and the purported true beneficiaries were senior CCP members.

The fact that Beijing may access a large portion of this data because Chinese businesses are required by local law to abide by data disclosure regulations raises national security concerns in India about such access.

Apart from companies like Oppo, Vivo, and Xiaomi, Indian security agencies are also looking into more than a dozen Chinese loan apps due to security concerns.

However, it is still not known what kind of new measures will be introduced by the Chinese government after the major hack, but if the new regulations appear to be more concerning, considering the data security of Indians, the Chinese companies may witness more hard times while operating in India.

No comments: