China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking
Chris C. Demchak, Yuval Shavitt
Hijacking Internet Traffic not covered by the anti-theft 2015 Xi-Obama Agreement
scholarcommons.usf.edu
Cover Page Footnote: The views and ideas expressed here are the authors’ alone, and do not represent those of the Department of Defense, U.S. Navy, or U.S. Naval War College.
Small Excerpt:
Surprisingly, the voluntary 2015 Xi-Obama agreement stopping military forces from hacking commercial enterprises for economic gain did appear to dramatically reduce Chinese theft efforts against western targets. China’s technological development process, however, was still dependent on massive expropriation of foreign R&D. This necessitated new ways to get information while still technically adhering to the agreement. Since the agreement only covered military activities, Chinese corporate state champions could be tasked with taking up the slack. But even Chinese multinationals, such as Huawei or ZTE, were already being viewed with suspicion. Instead, data suggests the government opted to leverage a seemingly innocuous player – one that is normally viewed as a passive service provider – to target the foundational infrastructure of the internet in order to bypass the agreement, avoid detection, and provide the necessary access to information. Enter China Telecom – a large state champion telecommunications company – as an option. While the 2015 agreement prohibited direct attacks on computer networks, it did nothing to prevent the hijacking of the vital internet backbone of western countries. Conveniently, China Telecom has ten strategically placed, Chinese-controlled internet ‘points of presence’ (PoPs) across the internet backbone of North America. Vast rewards can be reaped from the hijacking, diverting, and then copying of information-rich traffic going into or crossing the United States and Canada – often unnoticed and then delivered with only small delays. This essay will show how this hijacking works, and how China Telecom seems to employ its distributed points of presence (PoPs) in western democracies’ telecommunications systems to selectively redirect internet traffic through China. It will show the observed routing paths, give a summary of how one hijacks parts of the internet by inserting these nodes, and outline the major security implications.
These Chinese PoPs are found all over the world, including Europe and Asia. The prevalence of key transit nodes buried in a nation’s infrastructure – and the demonstrated ease with which one can simply redirect and copy data by controlling them – requires an urgent policy response. To that end, we recommend an ‘Access Reciprocity’ strategy for vulnerable democracies – one that is ...