Tuesday, February 26, 2013

Chinese Hardware - A Cyber Security Threat to India


Chinese Hardware - A Cyber Security Threat to India

I remember when I was a child and use to ask questions to self, if Japanese wants to revenge on USA then are they putting some kind of Trojan bombs activated remotely in various televisions, music systems, Water Heaters, emergency lights and cars they export heavily and cheaply to the USA. Japanese could in the long awaited need of revenge and what could worst then detonating multiple bombs in the television sets across American cities and causing panic with havoc without any atom bomb.
These Chinese have resident revenge in their minds because of India being towering in the Asian region with IT revolution and largest English speaking population. Indians also always keep china scratching them wrongly by exhibiting His Holiness Dalai Lama.
Now let’s look at how cyber security critical items are being used by Indian companies in the pretext of cost cutting and Chinese executives who serve majorly there state are fully aware the “kanjusi“ or more white collar word “value for money” buying psyche of Indians. Many a times to please higher up bosses all executives have this mantra of getting cheap things which look overtly technologically advance but covertly are security wise harmful and dangerous to security posture of the organization and the country.
Items being used, bought or I say covertly forced to buy are
1. Routers
2. Switches
3. Devices & Chips used for data transmission
4. Mobile phones
5. Cameras

India has load of Cheap Routers from Huawei and ZTE and according to a U.S. Congressional intelligence committee report made public on October 8 2012.Chinese routers from Huawei and ZTE are "a threat" for the United States, or even the world, The committee suspects that these machines, which transmit Internet communications, could be working for the Chinese government. These two Chinese telecom firms, already singled out by the U.S. Department of Defense, as well as, in France, by Senator Jean-Marie Bockel.
The American authorities have suspected for a long time that chips, routers, and other digital equipment from China could be equipped with "back doors," hidden access that would allow an ill-intentioned remote user to connect, giving the Chinese government the chance to access sensitive information as it passes through the machines.

Chinese made pen drives specially unbranded or pirated are now considered threat world over due to firmware present in the pen drive which can be vary of harping data from millions of machines to which it is attached. According to Chief of Army Staff General Bikram Singh, restricting the use of pendrives and PowerPoint presentations is the key to preventing cyber invasion against India. Analysis of Indian cyber breaches have shown that over 70 percent have been caused by the use of USB Pen drives. General Singh has also ordered that all sensitive war plan meetings be done paperless and that PowerPoint use is to be restricted. His he even suspecting Microsoft?
This is not the first time that the two Chinese manufacturers have been under fire. In August 2012, Felix Lindner and Gregor Kopf, computer security specialists at Recurity Labs, criticized the vulnerability of Huawei's machines. According to Felix Lindner, Huawei routers are actually dangerous. Even earlier, the alarm was sounded by Jean-Marie Bockel, a centrist French senator and former secretary of state for defense. On July 19, the senator presented a report on French cyber-defense. It proposed "banning at-risk routers and other core network equipment." On his short list of brands to ban: Huawei and ZTE.

According to the Bockel report, "There is nothing to prevent a country that produces network routers from inserting devices for surveillance or interception, or even a system that completely interrupts all communication at any time." Bock also asked for a ban on the sale or use of Chinese equipment to companies that manage Internet communications.

I feel greatest threat to the world from Chinese manufacturers are from mobile phone devices, even leading brands manufacture from cheaper Chinese companies. The amount of malware on mobile platforms and dependency on mobile phones by individuals and corporate have both increased exponentially across the world.
Mounting worries that smartphones and tablets represent the next frontier for malware, security researchers have discovered a vast botnet on over a million devices in China. The Chinese news agency Xinhua and the BBC report that the botnet makes it so that smartphones can be hijacked remotely, potentially for DDOS attacks  or other malevolent purposes. As recently as September of 2011, it was big news to find 20,000 Android devices communicating with known criminal command and control networks on a given week. One of the worst Android botnets to date was called Rootstrap; it was reported to have reached 100,000 compromised devices about a year ago. 
I strongly feel android users while accessing Chinese apps on even Indian phones (if there exists any?) should be very cautious and avoid getting into the great data mining trap set up by Chinese app makers.

Finally, china has made art of camera making a joke, today in only hundreds of rupees you get filthy branded Chinese cameras which are used for various espionage related operations. Majority of IP cameras are imported from china in throw away rates with no or very little certification, I see CCTV cameras been widely put up by municipalities and police for increased surveillance. Now the billion dollar question who is surveilling who?
OMG are we using thermal cameras or night vision cameras on our defence equipments on old our pricey birds  or on LOC, Time save us from china coz everything seems to be Made in China except our babies..




Adv Prashant Mali is a Cyber Security & Cyber Law Expert in India

Note: While writing this to various material available on Internet was made referred also


No comments:

Post a Comment

Navy man in Jail for 2 years for Child Pornography, cyber crime in India

Navy man gets 2 years Jail for Child Pornography, cyber crime in India : Cyber crime conviction By Prashant Mali In the case of D...