Concerns for Chinese firms and the cyberespionage

We often discuss about warfare and cyberespionage, focusing on the usage of technology to steal intellectual property of foreign states. Of course the countries that have valuable technology skills are most exposed to targeted attacks that daily try to steal information regarding hi tech projects. Japan, US and European Countries are preferred target of many nations, China first, but also Russia, Iran and North Korea.

Which are information they were looking for?

Patents, confidential information related to policies of private companies, government information, all these date are principal targets of hackers sponsored by foreign governments.

Which are the main methods of cyberespionage?

The methods of cyber espionage are innumerable, the use of malware and hacking for infiltrating enemy networks are undoubtedly the most successful techniques. But don’t forget that we live in the era of globalization, US and Chinese companies operate everywhere in the world, however American law enforcement officials declared that giving in outsourcing critical services, such as telecom, could allow theft of intellectual property and cyberespionage. According to the FCC, 43.5% of the company is indirectly owned by foreign interests.

Of course the threat is not related to every foreign company but it’s specific for those businesses that are government-owned like some Chinese mobile phone giants. The specific case is related to the world’s largest mobile provider China Mobile applied in October for a license from the Federal Communications Commission to provide service between China and the United States and to build facilities on American soil. Of course the concerns of the intelligence services are high, providing similar projects foreign companies have access to communication infrastructures and network traffic making possible spying operations and the exposure of intellectual propriety and national secrets. The risks is concrete, in many occasion has been discussed about the continuous attacks of Chinese stated sponsor hackers against American networks. Officials from the FBI, the Department of Homeland Security and the Justice Department’s national security division compose a special collective named “Team Telecom,” in charge of review FCC applications by foreign-owned companies. The problem is really critic, on one side we have valuable business opportunity, on the other hand there is the security of the nation, for this reasons the group have to define a proper agreement to preserve both needs. In discussion is the routing of traffic from US Carriers (e.g. Verizon Communications Inc. or AT&T Inc) on networks the management of which is licensed by China Mobile. The firm declined to address allegations about Chinese spying and is actually collaborating with US Government for the definition of a satisfactory agreement. In the past Chinese companies China Telecom and China Unicom have been already engaged to carry telecommunications services, but they were other times when no cyber strategy took into account the threat of cyberespionage. Similar agreements have required in the past to the manufacturer the classification and census of all equipment used as communication vector such as undersea cables used to carry traffic to and from the United States. Meanwhile in US is discussing the allocation of services to foreign companies the Reuters agency has confirmed that the ZTE Corp, the world’s No.4 handset vendor, reported that one of its mobile phone models sold in the US contains a vulnerability that could allow a remote control of the handset. The backdoor affects ZTE’s Score model based on Android operating system, it’s the first case reported on the platform and many expert are convinced that the event is not casual. Not to mention the rivers of charges read out against another Chinese company with state participation, the Huweai.

Personally I feel very justified concerns of U.S. security experts, the risk of espionage is real must be managed with the utmost care to avoid catastrophic consequences.

Pierluigi Paganini