china – Page 5 – SSL and internet security news

China Spying on Undersea Internet Cables

April 15, 2019 infossl

backdoors, china, espionage, nationalsecuritypolicy, Security technology, supplychain

Supply chain security is an insurmountably hard problem. The recent focus is on Chinese 5G equipment, but the problem is much broader. This opinion piece looks at undersea communications cables: But now the Chinese conglomerate Huawei Technologies, the leading firm working to deliver 5G telephony networks globally, has gone to sea. Under its Huawei Marine … Read More “China Spying on Undersea Internet Cables” »

Friday Squid Blogging: Chinese Squid-Processing Facility

March 1, 2019 infossl

china, Security technology, squid

China is building the largest squid processing center in the world. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Attacking Soldiers on Social Media

February 26, 2019 infossl

china, impersonation, military, Security technology, socialengineering, socialmedia

A research group at NATO’s Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise — we don’t know what country they were from — to demonstrate the power of the attack technique. Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated … Read More “Attacking Soldiers on Social Media” »

China’s APT10

December 31, 2018 infossl

china, hacking, nsa, Security technology

Wired has an excellent article on China’s APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers’ networks. I am reminded of the NSA’s “I Hunt Sysadmins” presentation, published by the Intercept. Powered by WPeMatico

Marriott Hack Reported as Chinese State-Sponsored

December 13, 2018 infossl

attribution, china, hacking, hotels, Security technology

The New York Times and Reuters are reporting that China was behind the recent hack of Mariott Hotels. Note that this is still uncomfirmed, but interesting if it is true. Reuters: Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources … Read More “Marriott Hack Reported as Chinese State-Sponsored” »

That Bloomberg Supply-Chain-Hack Story

November 30, 2018 infossl

backdoors, china, dhs, hacking, hardware, Security technology, supplychain

Back in October, Bloomberg reported that China has managed to install backdoors into server equipment that ended up in networks belonging to — among others — Apple and Amazon. Pretty much everybody has denied it (including the US DHS and the UK NCSC). Bloomberg has stood by its story — and is still standing by … Read More “That Bloomberg Supply-Chain-Hack Story” »

How Surveillance Inhibits Freedom of Expression

November 26, 2018 infossl

censorship, china, privacy, Security technology, socialmedia, surveillance

In my book Data and Goliath, I write about the value of privacy. I talk about how it is essential for political liberty and justice, and for commercial fairness and equality. I talk about how it increases personal freedom and individual autonomy, and how the lack of it makes us all less secure. But this … Read More “How Surveillance Inhibits Freedom of Expression” »

Cell Phone Security and Heads of State

October 30, 2018 infossl

china, eavesdropping, essays, iphone, nationalsecuritypolicy, phones, russia, Security technology

Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump’s personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one. Security experts have been talking about the potential security vulnerabilities in Trump’s cell phone use since he … Read More “Cell Phone Security and Heads of State” »

More on the Supermicro Spying Story

October 29, 2018 infossl

china, espionage, hardware, Security technology

I’ve blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don’t know if the story is true, although I am increasingly skeptical because of the lack of corroborating evidence to emerge. We don’t know anything more, but this is the most comprehensive rebuttal of the story … Read More “More on the Supermicro Spying Story” »

China’s Hacking of the Border Gateway Protocol

October 24, 2018 infossl

academicpapers, bgp, china, hacking, Security technology

This is a long — and somewhat technical — paper by Chris C. Demchak and Yuval Shavitt about China’s repeated hacking of the Internet Border Gateway Protocol (BGP): “China’s Maxim Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking.” BGP hacking is how large intelligence agencies manipulate Internet routing to … Read More “China’s Hacking of the Border Gateway Protocol” »