Research Notes

Telecoms operators’ next big challenge is the 100,000 Chinese hackers attacking their corporate customers every day

It is well known that the Chinese government has the country on lockdown: people are monitored 24/7 with millions of CCTV cameras; the “Great Firewall of China” blocks access to unapproved content and tracks attempts to circumvent it; municipal party leaders keep tabs on citizens. All networks and equipment are operated by companies either owned by the government or are beholden to them. All surveillance data is aggregated into a unified system of social credits intended to standardize the assessment of the social and financial reputations of individuals and firms. People who don’t live up to the Chinese government standards are sent to “transformation-through-education” or reeducation camps and generally are denied due process to defend their activities, according to Amnesty International. In practice, not a single bit of information moves outside of the government’s purview.

It’s curious then why more cyberattacks originate from China than any other nation. Indeed, if China was so concerned about law and order, they could end these attacks immediately, but they don’t. In China, the government controls everything except this people.

The Chinese goal is to get Global domination from telecommunications networks over computers to IOT devices.
China’s expectation is win global domination in 10 key strategic industries by 2025. At the top of the list is information technology and the key products and services associated with AI, IoT, and smart appliances. China’s national champion in this domain is Huawei Technologies Ltd. Huawei’s founder and CEO Ren Zhengfei, a former Chinese military official, is clear about the company’s strategy to deliver not just the equipment that makes up the world’s information networks, but the devices that attach to it for consumer and industrial communications. 

Huawei’s 25-year trajectory is owed to China’s military industrial complex ensuring favorable operating conditions as well as a supply of guaranteed government contracts to conduct the surveillance state across 1.4 billion Chinese. It’s no surprise that Huawei supplies the telecom infrastructure in Cuba and Venezuela where it has close ties to the political leadership and can provide references on how to monitor political opponents.

Chinese hackers are here there and everywhere
What advanced technology China has not been able to develop itself, it appropriates through other methods, whether forced technology transfer or theft. U.S. cybersecurity vendor Cybereason issued a report describing “an ongoing global attack against telecommunications providers that has been active since at least 2017.”  The report concludes the perpetrator is the APT10, an “advanced persistent threat,” and a state-supported Chinese espionage group. In December 2018, the U.S. government has indicted APT10 members with conspiracy to commit computer intrusion, conspiracy to commit wire fraud, and aggravated identity theft.  The indictment noted the hackers worked in tandem to steal intellectual and technological information from dozens of commercial and defense technology companies throughout the continental United States.  Additionally, APT 10 is also responsible for the theft of personnel information for 100,000 U.S. Navy personnel.

In Norway, the supplier of finance systems in the cloud Visma saw that Chinese hackers tried to steal client data – Visma is a company that delivers finance systems to hundreds of thousands of companies around the world.

Australian intelligence officials claimed China may have accessed thousands of files and 19 years’ worth of data – to include tax and banking records – on Australian National University students and staff.  Many of ANU’s graduates serve in the country’s intelligence and security agencies.

Symantec unveiled in June how Chinese hackers have attacked satellite and telecommunications infrastructure in the west.

Breaches like these are not new. The Center for Strategic and International Studies identified China as responsible for the greatest number of cyberattacks by any nation over the past dozen years.  It reached this conclusion from examining public data only.  The true depth of China’s efforts – and successes – in penetrating western networks is probably still unknown. Foreign Policy also described China’s Hacker Army in 2010.

One thing is that you use telecommunications networks to monitor people something else is the way you can use computers and the many Internet of Things devices in the future. If a Huawei network is a security threat, then a Lenovo computer or one of the many IOT solutions that Huawei is aiming for may also be a threat in the future.

Cyberhackers are looking for vulnerabilities to exploit, but if you can build products and services with backdoors, the Chinese government has an open road to telecom operators’ corporate customers information, technology, and secrets.

Why does the Chinese system stop the many hackers in the country?
There is something to suggest that the Chinese system and the Chinese President Xi Jinping are in control of anything but the many hackers in China. What causes the Chinese government to control almost the entire population, close to those who often try to hack into Western companies and governments’ systems?

If the board of Beijing has the will, there is no doubt that they could easily stop the many Chinese hackers. Some of the most well-known Chinese hacker groups are: APT10, APT1 or Comment Crew, KeyBoy, Honker Union, NCHP or Network Crack Program Hacker Group, Elderwood group etc. Many of these groups have, according to experts, close relations with the Chinese People’s Liberation Army and the Chinese government in general. We suspect that there is a reason why China does not do a serious job of stopping the many Chinese hackers are attacking telecom operators corporate customers information, technology, and secrets.

Can a contract create security? No.
The fact that the Chinese government and companies like Huawei have not understood how to look at national security in the West has meant that “Made in China” has gained a whole new meaning. In a world where more and more is being digitized, bad experiences have resulted in Western companies and governments not having the same belief in the system in China as you have a few years ago.

When talking to telecommunications companies around the world, many of them respond that the greatest pressure in relation to their use of Chinese equipment does not come from governments but from their business customers who often compete against Chinese companies. Companies that have experienced how their Chinese competitors have stolen their intellectual properties and who have experienced the Chinese spying on them. Many of these companies’ fears relate to things they have experienced on their own body in their own business.

The fear of Chinese networks is not a fear isolated to governments, it is a fear that many large and small companies share with the authorities and with their telecommunications providers.

There has been written and said a lot about Huawei over the past 9 months and about their relationship with the Chinese government. Let’s be honest Huawei uses gigantic resources to influence the press with a story of trusting them and not having the close relationship with the Chinese government that many are talking about.

In recent month, Huawei has come up with an offered to make a no-spy agreement with the United Kingdom, German, and Danish governments:

“If Huawei is one day pressed by the state to spy, the agreement obliges us to inform the Danish government, which can immediately cancel all contracts concluded. If Danish politicians have other wishes for the agreement, we would very much like to meet and discuss it,” says Jiang Lichao.

The offer of a no-spy agreement is an implicit confirmation that spying can occur, and it fails to provide insurance or security. It is telecom operators, not governments, which contract with Huawei. Telecom operators, not the government, are liable for the network’s failings.

I would like to see the CEO of a mobile operator who goes to a board meeting and says that there is nothing to worry about as his government has just entered into an agreement with the Chinese that they must not spy on his customers.

The disclaimer of cyber cicurity is important and ultimately it is not about convincing the telecommunications companies and governments, ultimately it is about business and private customers feel pressured when their data runs through Chinese infrastructure and Chinese devices.

If you would like to learn more about our Next gen telecom policy and regulation: Workshop for leaders in the telecommunications industry concept, please do not hesitate to contact us.

Contact us to get a copy of the report

Request the report