The world is abuzz with reports that the U.S. government (specifically the National Security Agency or NSA) has found a way to embed its espionage programs within hard drives – making these programs undetectable to anti-virus programs and virtually irremovable even if detected. My colleague Franz-Stefan Gady has the details of the report over at our Flashpoints blog.
The news comes as the U.S. and China continue to butt heads over cybersecurity issues – including the appropriate bounds of cyberespionage.
The revelation is contained in a report issued by Kaspersky Lab, a Russia-based cybersecurity firm. The hacking group identified by Kaspersky (and reported by others to be tied to the NSA) apparently discovered a way to infect firmware, meaning the infection essentially cannot be removed from the computer. According to Kaspersky, the hackers could access virtually every hard drive on the market, including those manufactured by Seagate, Toshiba, IBM, Micron, and Samsung. Kaspersky researchers believe the hackers must have had access to the actual source code of these hard drives – information that the NSA may have obtained directly from the companies themselves.
That is precisely Beijing’s greatest fear. Ever since the Edward Snowden leaks, Chinese officials and media outlets have publicly discussed the dangers of using Western technology. In 2013, China Economic Weekly coined the term “eight guardian warriors” to refer to eight U.S. companies that have become indispensable to China’s information infrastructure: Cisco, IBM, Google, Qualcomm, Intel, Apple, Oracle, and Microsoft. China’s reliance on these U.S. firms had long been seen as a security risk; Snowden’s revelations about NSA activities provided confirmation of those fears.
That article marked the beginning of a concerted effort to wean China off its reliance on U.S. tech by creating domestically developed technology. By November 2013, Chinese government procurement regulations were actively encouraging buyers to “buy local.” In May 2014, a report from China’s Internet Media Research Center accused Microsoft, Yahoo, Google, Facebook, YouTube, Skype, AOL, and Apple of cooperating with the NSA’s cyberespionage efforts. And in December 2014, Bloomberg reported that by 2020, China’s government wants to have domestic Chinese alternatives completely replace foreign tech in key sectors (including government agencies, the military, and financial institutions).
Now the Kaspersky report essentially confirms that Chinese fears are true – the NSA (which, it should be noted, is not actually named in Kaspersky report) is using its access to source codes to infect hard drives. China was one of the countries with a “high infection rate” from the hacker group, the report said, with identified infections at universities and diplomatic institutions (including embassies). The new report will provide even more impetus for China’s efforts to bolster domestic tech at U.S. firms’ expense – and could prove critical to countering any trade suits the U.S. government might seek to bring to against China’s new tech regulations.
Of course, not all the hard drives exploited by the hackers are manufactured by American companies. It’s entirely possible that NSA cyberespionage efforts could also penetrate domestic Chinese hard drives – but China is betting it will at least be more difficult.
The new report comes as cybersecurity is heating up again as an issue in U.S.-China relations. The Obama administration seems to have pegged cyber issues as a major focus ahead of Xi Jinping’s September visit to the U.S. Over the past several years, Washington has been more open about accusing China of cyber espionage; China in turn has become more vocal about its own complaints.
With China in the middle of its New Year holiday, there’s been very little in the way of an official reaction to the Kaspersky report so far. Foreign Ministry spokesperson Hua Chunying addressed the issue briefly in a press conference on Tuesday, saying that she knew of the report but was “not aware of the specifics.” Hua gave only a general answer to questions about China’s take: “The stance of the Chinese government on issues relating to cyber security is clear and consistent. We are against all forms of cyber attacks and activities creating hostility or confrontation in the cyber space.”
Officially, China might not have much else to say (as I mentioned elsewhere, both China and the U.S. will try hard to keep their relationship on an even keel in the lead-up to Xi’s visit). China’s media outlets, however, will be free to take full advantage of the new report the next time a U.S. official tries to point the finger at China for sponsoring cyber espionage.