According to a report published by researchers Chris C. Demchak and Yuval Shavitt, China Telecom is redirecting sensitive internet traffic between the U.S. and other countries through China. China itself only has 3 major access nodes that connect to other countries, leaving China's network relatively isolated from the rest of the internet. The report suggests that China's "technological development process" is "dependent on massive expropriation of foreign R&D," and notes that China signed a deal to stop their military forces from hacking western commercial targets in 2015. Therefore, to spy on sensitive data, China would have to do it through a 3rd party. That's where China Telecom comes in: the state-owned company has "ten strategically placed, Chinese controlled internet 'points of presence' (PoPs) across the internet backbone of North America," which they use to redirect some data back through China. For example, routes between Canadian and South Korean government sites normally take a direct route overseas. But in 2016, the researchers noticed that data passing through a China Telecom node would be redirected back to the Chinese mainland before going back to Korea. In another case, connections between an "Anglo-American bank headquarters in Milan, Italy" and branches in the U.S. were hijacked. The paper also notes that there's no reciprocity, as major western ISPs don't have a major presence outside of Hong Kong. The researchers say that an "Access Reciprocity" policy needs to be implemented by governments to control these kinds of attacks.
Today China has ten POPs in North America (eight in the US and two in Canada) while the US has none in China. That imbalance in access allows for malicious behavior by China through China Telecom at a time and place of its choosing, while denying the same to the US and its allies. Note that the hijacked routes come from – or are traveling to – allied states, but the traffic stumbles on China Telecom's PoPs due to the shortest route bias in BGP rules and then is hijacked in the US by the Chinese network. If China Telecom had only one PoP - say in Los Angeles at most - then hijacking would be very difficult to achieve and to obscure from oversight. One could even argue that fairness dictates that China Telecom should not extend beyond Hong Kong unless other global peers were given equivalent access to have PoPs in China itself. A new policy is needed: an "Access Reciprocity" policy on internet PoPs located in North America or, indeed, even with allied democratic nations.