A worker is silhouetted against a computer display showing a live visualization of the online phishing and fraudulent phone calls across China in this file photo. China Telecom was caught employing a different method of cyber spying, namely diverting internet traffic. (AP Photo/Ng Han Guan, File)

China Telecom Hack Highlights Lack of Respect for Accords, Reciprocity

Another warning for Canada on a wanting to build a closer relationship with China

NEWS ANALYSIS

Two common themes keep emerging in China’s interaction with Canada and the United States: circumventing agreements and a lack of reciprocity. Invariably, at the centre of the issue are the deceitful actions of Chinese state-owned enterprises (SOEs).

The latest example of China’s cyber spying in Canada and the United States is diverting internet traffic. Other attempts at cyber espionage include back doors in Huawei smartphones and routers, malware, and special microchips on motherboards.

Certainly, China is not respecting the spirit of understandings with Canada and the United States on cyber hacking, which increasingly appear to be toothless.

Researchers Chris C. Demchak of the U.S. Naval War College and Tel Aviv University’s Yuval Shavitt recently detailed how China hijacks internet traffic in a paper written for the U.S.-based Military Cyber Affairs journal.

The report, titled “China’s Maxim—Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking,” states that China’s economic progression depends on “massive expropriation of foreign R&D.” BGP, or border gateway protocol, is one of the two software protocols used by the “glue” holding the internet together.

China Telecom Canada, a Chinese SOE and wholly owned subsidiary of China Telecom Americas, opened a branch office in 2005 and is headquartered in Markham, Ontario.

Conservative member of Parliament Tom Kmiec, who warned the government about the potential takeover of Canadian infrastructure and construction giant Aecon by a Chinese SOE on public safety and national security grounds, sees his concerns playing out with China Telecom.

“The future in terms of global trade and trade deals—there needs to be a broader debate about state-owned enterprises,” he said in an interview. “We should have a broader debate in Canada on whether we should allow any of them to do business here in any significant way.”

With the United States tightening the noose around the necks of Huawei and ZTE, China Telecom—the third-largest Chinese telecommunications firm—has seemed to be operating more quietly until now and may have been ordered to step up its intelligence-gathering efforts.

Accords Not Respected

In September 2015, U.S. President Barack Obama and Chinese President Xi Jinping agreed to stop military forces from hacking commercial enterprises. For some time, the deal appeared to be working, as far fewer hacks were being reported, but since the agreement only covered military activities, it did not prevent Chinese SOEs from carrying on stealing trade secrets and more.

“While the 2015 agreement prohibited direct attacks on computer networks, it did nothing to prevent the hijacking of the vital internet backbone of Western countries,” the report states.

Starting in February 2016 and for about six months, China Telecom hijacked internet traffic going from Canadian to Korean government sites and diverted it through China.

This was accomplished through access points on the internet called points of presence (PoPs), which allow the party controlling them to redirect and copy data. China has eight PoPs in the United States and two in Canada, but the North American countries have none in China.

Similar to the lack of reciprocity in trade and foreign direct investment between Canada and China and between the United States and China, the North American countries have been naïve in letting China establish these PoPs.

“I honestly don’t know how they got PoPs in the United States without someone in the U.S. government giving it a blind eye or approval at the State Department level,” said cybersecurity expert Gary Miliefsky in an interview. Miliefsky is a founding member of the U.S. Department of Homeland Security and publisher of Cyber Defense Magazine.

“This story is just unfolding and is very big when it comes to stupidity and no reciprocity. So why did we let it happen?” he said.

Also, China has not been respecting the Canada-China National Security and Rule of Law Dialogue, which began in September 2016.

“The two sides agreed that neither country’s government would conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors,” according to a statement from the dialogue released in June 2017.

Global Affairs Canada did not respond to a request for a 2018 update on the dialogue and the latest actions of China Telecom.

“Reciprocity—that’s the keyword now. … It’s just an expectation that they’re [China] going to treat us … in the same manner,” Kmiec said. “That’s always been a problem.”

The authors of the “China’s Maxim” report recommend a reciprocity policy, with one version being to have Beijing allow PoPs on Chinese soil based on a ratio of population size between China and other countries. For example, this would mean China allowing three times as many PoPs on its soil (24) as the eight it has in the United States.

Miliefsky is highly skeptical that the United States and Canada will ever get their own PoPs in China. In addition to the eavesdropping on Chinese intellectual property, it could fundamentally threaten the control that the ruling communist regime maintains over the Chinese public.

“It could lead to uncontrolled knowledge by their own citizenry and even wanting for a first amendment like we have here in the United States,” he said.

Ending a War

Cyber warfare has been going on for decades, though a lot of it doesn’t grab headlines.

“Let’s just give China the thumbs up—in a bad way—for being the most proactive and multi-generationally serious about it,” Miliefsky said.

“Most of the greatest malware in the world is deployed out of China and most of the hardware made in that country is designed with purposeful flaws, in some cases for very easy exploitation,” he added.

Thus, computer chips, mobile devices, and internet-of-things (IoT) hardware have all become major security risks for companies and private citizens. This is one of the major accusations levied against Huawei—that it builds vulnerabilities or back doors in its products.

Huawei has maintained its innocence, but a Nov. 2 story by The Weekend Australian highlights the Chinese company’s role in cyber espionage. According to an Australian national security source, Chinese foreign intelligence allegedly obtained Huawei’s help to get access codes to break into a foreign network.

“I don’t think we’re going to see China let up, but we’re going to keep catching them red-handed, if you will,” Miliefsky said.

He hopes continued intelligent management of the complex Sino-U.S. relationship brings about fundamental change.

“It could take 20 years or longer to make necessary improvements … where this behaviour becomes … abhorrent to the Chinese people,” Miliefsky said.

For Canada, as it entertains overtures from China to renew free trade talks, it must consider the duplicitous behaviour not only in international trade, but also with respect to bilateral accords and understandings on cyber.

“The government of Canada has to take a very clear stance that there will be no more negotiations of any treaties until such time as these diversions of internet traffic and espionage actually stops,” said Kmiec.

Follow Rahul on Twitter @RV_ETBiz