China continues to violate its international obligations by pursuing import substitution policies, imposing forced technology transfers, engaging in intellectual property theft in cyberspace, and impeding the free flow of information and trade. The Chinese government is hell-bent on stealing technology, regardless of economic sector, and using it to undermine business and further dominate the market.
Over the past 6 months, experts have identified 20 Chinese malicious organizations that have conducted nearly 70 new organized and targeted cyber attack campaigns in the BRI (Belt and Road Initiative) countries and beyond. These groups include Bronze Starlight (RAT, ransomware), TA428 (malware, bootloader, backdoor), Aogin Dragon (backdoor, APT), Flubot (bot attacks), and others.
Telecommunications infrastructure (especially the Internet) is a huge challenge and opportunity in the Middle East and Africa (MENA). Although each of the countries in this region has a huge population, they have limited access to the Internet. Governments in the Middle East and other developing countries are scrambling to provide connectivity for their people. The increase in demand for connectivity has created opportunities for foreign telecom providers, especially from China, to step in and offer their sneaky credit, expertise and technology providers, such as China’s own Huawei, ZTE and others.
With a strategy of investing in critical infrastructure projects, China has partnered with more than 140 countries around the world to build ports and highways; improves the railway; modernizes power plants, airports, and communications infrastructure and does so through predatory credit and debt repayment schemes that ultimately bankrupt its victims.
China has built most of the major undersea internet cables that are essential for connecting the Middle East to the rest of the world. Submarine Internet cables represent the majority of fiber optic cables worldwide. They are responsible for carrying almost all Internet traffic to and from the countries, creating significant cybersecurity and data collection challenges for China’s “partner countries,” which account for nearly 70% of the 4G Internet infrastructure in the Middle East. China’s global 4G dominance gives the country a significant advantage. As the developed countries of the world move to 5G, it is unrealistic for these countries to change their existing providers. China actually creates points of listening (interception) of data and conducting intelligence for the countries they help. State-sponsored cybercriminal organizations are working hard to support China’s BRI ambitions.
Currently, in China, more than 40 cyber groups are working to gain unauthorized access and exploit government operations (46 cyber attacks in the last 3 months), financial services (27 cyber attacks), industrial (17 cyber attacks), telecommunications (15 cyber attacks), energy and utilities (14 cyber attack).
Huawei, ZTE and other Chinese companies have close ties to China’s People’s Liberation Army (PLA) and are subject to China’s national intelligence laws. In particular, Article 7 says: “Any organization or citizen is obliged to support, assist and cooperate with the state intelligence work in accordance with the law, as well as to keep known public secrets of the national intelligence work.” These companies gather intelligence, monitor users (malicious), steal secrets and intellectual property to help the PLA achieve its goals regardless of borders. There is no doubt that cheap networking and communications equipment China collects public and intelligence data, surveils ill-wishers, and steals intellectual property through known cybersecurity flaws and backdoors.
For developing countries, the BRI is a sneaky deal to get MENA countries into the next generation of their internet infrastructure. China’s tactics allow it to strengthen its presence as a major provider of Internet and critical infrastructure in the Middle East. On its current path, China is seizing African markets for future iterations of the Internet while increasing its intelligence-gathering capabilities. Countries in the MENA region see the prospect of increased connectivity and modernization, but this comes at the expense of privacy and freedom. China’s BRI program is at first glance appealing to politicians and bureaucrats to improve infrastructure, create new jobs and stay in power. However, China’s efforts are coming at a high price for these countries.
China, in partnership with Sri Lanka’s former president, rolled out several mega-projects, including a new deep-sea port, an airport, roads and a new convention center. The government willingly agreed to a financial deal that left Sri Lanka in an unjustified debt situation. According to the terms of the agreement, China seized the deep-sea port. Several politicians, including the soon-to-be former president of Sri Lanka, face charges and lengthy prison terms.
Cambodia recently agreed to build a new deep-sea port. When the government defaulted on the deal, China evicted its tenants and built a large naval base in its place, creating a serious security threat in the region.
Most governments and organizations are unable to adequately respond to China’s colonization efforts. Therefore, Western governments and telecommunication providers should invest in similar initiatives and projects, as well as create a viable alternative to Chinese network and communication equipment. Belief in conventions such as the rule of law, the mutually agreed goals of joint business ventures, and diplomatic solutions to intellectual property rights violations have no bearing on China’s relentless pursuit of its goal of global dominance. The belief that these conventions will stop or even slow China’s steady progress based on the systematic theft and repurposing of data and intellectual property now appears naive and completely ineffective.
All signs indicate that China’s strategy of “hiding his abilities and waiting” is giving way to “shaking the world”. Adequate support for the protection of critical computer networks and data must be provided, assessing the adequacy and, if necessary, providing additional funding for military, intelligence, and homeland security programs that monitor and protect critical computer networks and sensitive information, including those responsible for protecting networks from damage caused by cyber attacks.