China might have used its technology & powers to spy

On the back of WikiLeaks a report by the US-China Economic and Security Review Commission raises the prospect that China might have used its technology and powers to "assert some level of control over the internet". Earlier this year Google announced that Chinese hackers had tried to access the email accounts of human rights activists in the country in a "highly sophisticated and targeted attack", while the Chinese government has blocked access to popular websites such as Wikipedia and BBC News. The US report provides previously unpublished details about a suspected hijack of almost one-seventh of all internet traffic, which originated in China. The incident took place for 18 minutes on April 8 2010 and the state-owned China Telecom advertised 'erroneous' network routes which led to traffic going to 15 per cent of all internet destinations being sent via servers in China. These involved official US websites such as the Senate, army, navy, Marine Corps and NASA as well as leading technology companies like Microsoft, IBM and Yahoo. A handful of websites based in Britain were also affected, including websites in Australia and within China itself.

The attack took advantage of technology and the way that data is sent via computer servers situated all around the world to reach websites. When an internet user in, for example, California wants to look at a website based in Texas, the data makes several short 'hops' via servers on the way. Data is meant to travel by the most efficient route however this can be manipulated, as servers based in China can suddenly announce that they provide the quickest route to various websites. One of the techniques they have used to set up false social network accounts on sites such as Facebook in order to bypass established firewalls.

The Commission admitted it did not know if the hijacking was intentional or what happened to the data, but the report states: "This level of access could enable surveillance of specific users or sites." During this incident computer users could also have been prevented from accessing their intended websites, or been sent to fake sites, and perhaps most disconcertingly the operation could have allowed hacking of supposedly secure encrypted sessions. The large volume of data diverted could have been intended to conceal one targeted attack. The Chinese have also targeted Indian government offices and the office of the Dalai Lama, stealing secret and confidential documents, according to reports earlier this year.

Britain's secret intelligence, MI5 and GCHQ have issued a series of warning about Chinese attempts to hack systems in Britain over the past three years. The redirection of traffic isn't just political espionage as the inclusion of data from Dell, IBM, Microsoft and Yahoo raises concerns around corporate espionage and technology.

Photo credit: Ivan Walsh