The Hidden China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking

Hijacking Internet Traffic not covered by the anti-theft 2015 Xi-Obama Agreement Surprisingly, the voluntary 2015 Xi-Obama agreement stopping military forces from hacking commercial enterprises for economic gain did appear to dramatically reduce Chinese theft efforts against western targets. China’s technological development process, however, was still dependent on massive expropriation of foreign R&D.


Click the image above to go to the paper

This necessitated new ways to get information while still technically adhering to the agreement. Since the agreement only covered military activities, Chinese corporate state champions could be tasked with taking up the slack. But even Chinese multinationals, such as Huawei or ZTE, were already being viewed with suspicion. Instead data suggests the government opted to leverage a seemingly innocuous player – one that is normally viewed as a passive service provider – to target the foundational infrastructure of the internet to bypass the agreement, avoid detection, and provide the necessary access to information.

Enter China Telecom3 – a large state champion telecommunications company – as an option. While the 2015 agreement prohibited direct attacks on computer networks, it did nothing to prevent the hijacking of the vital internet backbone of western countries.

Conveniently, China Telecom has ten strategically placed, Chinese controlled internet ‘points of presence’4 (PoPs) across the internet backbone of North America. Vast rewards can be reaped from the hijacking, diverting, and then copying of information-rich traffic going into or crossing the United States and Canada – often unnoticed and then delivered with only small delays.

This essay will show how this hijacking works, and how China Telecom seems to employ its distributed points of presence (PoPs) in western democracies’ telecommunications systems to selectively redirect internet traffic through China. It will show the observed routing paths, give a summary of how one hijacks parts of the internet by inserting these nodes, and outline the major security implications.

These Chinese PoPs are found all over the world including Europe and Asia. The prevalence of – and demonstrated ease with which – one can simply redirect and copy data by controlling key transit nodes buried in a nation’s infrastructure requires an urgent policy response. To that end, we recommend an ‘Access Reciprocity’ strategy for vulnerable democracies – one that is

We at Adept Technologies recommend that all Cyber Professionals read this paper.

Contact us today toll free 1-888-392-9623 to find out more on how Adept Technologies can save you money by utilizing our services and technology.

Comments are closed.