US accuses China Telecom of internet hijack

China Telecom has denied the claim.

The US-China economic and security review commission said the telco's actions caused other servers around the world to route all traffic to about 15% of the internet's destinations through servers in China.

"This incident affected traffic to and from US government (.gov) and military (.mil) sites, including those for the Senate, the army, the navy, the marine corps, the air force, the office of secretary of defense, the National Aeronautics and Space Administration, the Department of Commerce, the National Oceanic and Atmospheric Administration, and many others," the report said.

It added that the commercial websites for Dell, Yahoo, Microsoft, and IBM were also affected.

The commission admitted it had no way of knowing what, if anything, the Chinese did with the data, but said such incidents had serious implications.

"This level of access could enable surveillance of specific users or sites. It could disrupt a data transaction and prevent a user from establishing a connection with a site. It could even allow a diversion of data to somewhere that the user did not intend (for example, to a 'spoofed' site)", it said.

It quoted Arbor Networks chief security officer Danny McPherson as saying the volume of affected data could have been intended to conceal one targeted attack.

Robert Hayes, senior fellow at Microsoft's Institute for Advanced Technology in Governments, told the House of Commons science and technology committee that attackers tested their cyber weapons on live systems. It was important for government to maintain and increase engagement with the IT industry, said Hayes, because industry was best placed to give a global perspective.

The commission said diffusion of internet security certification authorities meant control over diverted data "could possibly allow a telecommunications firm to compromise the integrity of supposedly secure encrypted sessions".

Reuters, which obtained a copy of the report before publication, reported that China Telecom sent it an e-mail saying that it "denied any hijack of internet traffic".

The report also referred to China's censorship of the net. It heard evidence that "it's not that [China's] government is controlling everything. But they're controlling [access to information] enough that they're preventing any serious challenge to the Communist Party's authority."

The commission concluded that Chinese agents continued to hack into US and other national and commercial computer systems. Their methods were generally growing in sophistication. They were making increased use of social networking tools and malicious software tied to the criminal underground.

"Recent high-profile, China-based computer exploitations (including the Google hack) continue to suggest some level of state support. Indicators include the massive scale of these exploitations and the extensive intelligence and reconnaissance components," it said.

It warned that Chinese authorities were tightening restrictions on foreign high technology firms' ability to operate in China. It said new regulations could either lead to bans on Chinese operations or expose their security measures or even their intellectual property to Chinese competitors.

This story was first published by Computer Weekly
