Black Code: Inside the Battle for Cyberspace


by Ronald J. Deibert


  Secrecy surrounds the GFW but it is China’s Internet backbone and guardian, the country’s deepest layer of communications infrastructure through which all Internet traffic must eventually pass, specifically at three international gateways that connect China’s Internet to the wider world: the Beijing-Tianjin-Qingdao connection point, in Shanghai, and in Guangzhou. For a country with more than 500 million Internet users surfing, texting, downloading, emailing, this is a small set of funnels, but the routers automatically inspect all traffic moving in and out, acting as a kind of border patrol. Requests for content that contains banned keywords, domains, or IP addresses are punted back unceremoniously. Unlike other countries that impose national Internet censorship regimes and that present back to the user a “blocked” or “forbidden” page, the Chinese system sends a wrench into the user’s machine, a “reset” packet that disables the connection and sends back a standard error message giving the impression that the content requested doesn’t exist (“file not found”) or that something is wrong with the Internet. It’s an ingenious way to frustrate users: if you make some websites persistently inaccessible, slow, or maddeningly unreliable for long enough, most people will eventually look elsewhere. Meanwhile, certain Chinese-based content is made widely and freely available for those who want to surf a Net, if not the Net. What other functionalities are contained in these gateway routers – surveillance through deep packet inspection of email, for instance – is anyone’s guess, but most cyberspace analysts suspect that the gateways are designed not just to block content but also to siphon up and monitor communications.

  The GFW is part of an elaborate regime of domestic cyberspace controls, one element in China’s overall information and communications strategy. It is reinforced by a thicket of laws, policies, regulations, and policing up and down the ecosystem of Internet communications. Contrary to principles of network neutrality, ISPs, hosting companies, websites, chat clients, and blogs operating in China are all required to police their networks. Internet cafés are routinely surveilled, and all individuals and organizations are held accountable by law for what they do and post online. According to a 2010 White Paper published by the Chinese government:

  No organization or individual may produce, duplicate, announce or disseminate information having the following contents: being against the cardinal principles set forth in the Constitution; endangering state security, divulging state secrets, subverting state power and jeopardizing national unification; damaging state honor and interests; instigating ethnic hatred or discrimination and jeopardizing ethnic unity; jeopardizing state religious policy, propagating heretical or superstitious ideas; spreading rumors, disrupting social order and stability; disseminating obscenity, pornography, gambling, violence, brutality and terror or abetting crime; humiliating or slandering others, trespassing on the lawful rights and interests of others; and other contents forbidden by laws and administrative regulations. These regulations are the legal basis for the protection of Internet information security within the territory of the People’s Republic of China. All Chinese citizens, foreign citizens, legal persons and other organizations within the territory of China must obey these provisions.

  (If the Puritans suffered from a profound fear that someone, somewhere was having a good time, given these “provisions” what can we say about the Chinese government?)

  China routinely downloads responsibilities to police the Internet to the private sector, which must follow government regulations in order to be allowed to operate. In 2008, the Citizen Lab discovered that the Chinese version of Skype, TOM-Skype, was coded in such a way that it secretly intercepted private (and encrypted) chats whenever people used any number of banned keywords – Tiananmen and democracy, to name two. Despite the outrage after the release of our report and the condemnation levelled at Skype for colluding with Chinese authorities, four years later the same system is still in place. In fact, it is now more elaborately designed and frequently updated, sometimes on a daily basis in response to current events like the ongoing dispute with Japan over islands in the South China Sea, or the controversy around disgraced Communist Party official Bo Xilai. In fact, all Internet companies operating in China – Baidu, Sina, Tencent QQ, Youku, and others – are required to stop the “spread of harmful information” over their networks. The policing is typically undertaken through filtering and surveillance of the type TOM-Skype engages in, enforcing the use of real names in registration processes (to eliminate anonymous postings), and even direct intervention by paid officials in forums warning users not to engage in unwelcome, perhaps even illegal, discourse.

  While downloading control to manufacturers of equipment and services is routine in China, occasionally there is pushback. For example, a proposal to have all new PCs manufactured in China come pre-equipped with the Green Dam censorship system met with widespread condemnation from users and was withdrawn. However, though the Green Dam was a big “ask” even for the Chinese government, more often than not companies simply comply in order to do business.

  The system is hardly foolproof. Researchers at Cambridge University, for instance, once demonstrated how easy it would be to disable the GFW, and even without outside meddling the gateway routers can be overwhelmed by peak usage. Also, technical means to circumvent the GFW are plentiful. Using tools like Tor, Psiphon (a circumvention tool invented in the Citizen Lab in 2006, and now a private Canadian company), and commercial virtual private networks (VPNs), many users play a cat-and-mouse game with authorities; by some estimates millions break through censorship walls on a daily basis. Chinese citizens have also proven themselves adept at outflanking and mocking the censors. Code words, metaphors, neologisms, and ingenious images circulated as Internet memes are used in place of conventional terms to circumvent Skype and other companies’ filtering and surveillance regimes. So, when any reference to “Bo Xilai” was censored, Internet users began referring to him as “Gua’s Father” instead (indicating that Bo Xilai is the father of Bo Guagua), until that term was filtered, and so on. The average Chinese user might go days without bumping into attempts of state control online, but the threat is always lurking. In this sense the system is less like 1984 and more like Jeremy Bentham’s Panopticon, a system that gives the feeling of being watched, that someone somewhere knows what you’re doing. No doubt, this creates considerable self-censorship, especially when combined with high-profile arrests of those who openly challenge the system.

  It’s noteworthy that China’s cyberspace strategy – unlike, say, North Korea’s – is not aimed at completely isolating the country’s population from outside influence. Rather, it’s deliberately designed to take advantage of information and communications technologies which the Chinese see as critical to their long-term future, while maintaining political stability around one-party rule. Continued economic prosperity is essential to the legitimacy of the Chinese Communist Party, and information and communications technologies are central to a burgeoning knowledge economy. China doesn’t fear the Internet; rather it embraces its own particular version of it. Indeed, the Chinese are building a robust alternative design that may actually be succeeding.

  • • •

  Often ignored is the connection between China’s domestic controls and the international dimensions of its cyberspace strategy. Part of China’s objective is the wholesale exploitation of cyberspace for intellectual property, political espionage, and targeted threats against meddlesome human rights, ethnic, and religious groups the government describes as separatists or terrorists. It has pioneered ways to vacuum up information of strategic value to the government and national industries, and has done so without shame. The GhostNet probe may have been one of the first to expose what this looks like from the inside out, but it was neither singular nor unique. Evidence of GhostNet-like compromises now surfaces almost weekly, and shows a level of audacity and rapaciousness that is remarkable: dozens of government ministries and departments, from spy agencies to prime ministers’ offices in numerous countries, have been breached, with all the perpetrators having operated out of Chinese Internet networks. Scores of defence, aerospace, petrochemical, nuclear, and communications companies have all been infiltrated, and dozens of NGOs have had their computers turned into the digital equivalent of wiretaps.

  A particularly noteworthy case is Canada’s Nortel Networks, which was thoroughly compromised for nearly ten years. In 2012, ex-Nortel employee Brian Shields, who had led the forensic investigation of the compromise, came forward to disclose his experiences. According to Shields, the breach (which Shields traced back to IP addresses in China) was so thorough that the attackers had control of seven passwords from top company executives, including the CEO, which gave them complete and direct access to the company’s internal secrets and intellectual property. (Attackers downloaded technical papers, R&D reports, business plans, employee emails, and other documents from computers under their control.) Shields discovered the breach in 2004, but his warnings were constantly ignored by top executives, one of whom (former CEO Mike Zafirovski) subsequently admitted that they just “did not believe it was a real issue.” Shields estimates that the attacks had been going on since at least 2000, and lasted nine years. Nortel went bankrupt in 2009, and Shields’s revelations have caused many to wonder about the possible connections between the breaches, its demise, and the rising fortunes of Nortel’s chief China-based competitors, Huawei and ZTE.

  In 2012, China’s state-owned company, Sinopec Corp., made a controversial bid to acquire Talisman Energy, one of Canada’s top oil and gas exploration companies, for more than $1.5 billion. While Canadian news reports focused on the question of foreign ownership of national assets, few noticed that Talisman Energy had been victimized by a major China-based cyber espionage operation called Byzantine Hades in 2011. The attackers gained access to Talisman’s Asian-based networks, and had control of them for over six months. (Notably, a Bloomberg News report on this issue disclosed that the same Chinese attackers, called The Comment Group, had infiltrated the computer of a Canadian Immigration and Refugee Board adjudicator involved in the case of Lai Changxing, a Chinese tycoon extradited by Canada to China, where he is now serving a life sentence in prison.) There is no evidence connecting the hackers to the Talisman takeover bid, but it certainly raises some intriguing questions about whether, and/or to what extent, information gleaned by the attackers made its way to Sinopec.

  In 2001, three individuals working for the state-owned Datang Telecom Technology Company of Beijing were indicted for stealing secrets from U.S.-based Lucent Technologies. In 2002, two people funded by the City of Hangzhou were indicted for stealing secrets from several Silicon Valley technology companies, including Sun Microsystems and NEC Electronics. In 2003, an employee of PetroChina working with U.S.-based 3D-GEO was found to have copied up to $1 million of 3D-GEO’s proprietary source code for seismic imaging onto his laptop. In 2009, an employee at Ford Motor Company was arrested and found guilty of stealing trade secrets on behalf of Beijing Auto. When such cases are combined with the reports of widespread China-based cyber espionage, it raises the question: Is it all part of a deliberate campaign?

  While cyber theft and spying are menaces, the potential military implications are more frightening. It’s unlikely that China would see any benefit in an armed conflict with the United States, but Chinese military literature emphasizes its capacity to degrade American satellites, as well as its other surveillance systems, should an armed conflict occur. Like those of many other countries, China’s military planners have fully integrated cyber warfare into their military doctrine and operational plans. Because the U.S. has a military alliance with Taiwan and Japan, in the event of a regional war – say, over Taiwan or the disputed islands of the South China Sea – the People’s Liberation Army would be hard pressed not to deploy its cyber warfare assets to confuse, deter, and even disable American military and civilian assets. As the Stuxnet worm aptly demonstrated in 2010, a menacing virus or trojan horse can be used to sabotage critical infrastructure. Such an attack would invariably provoke a wider response from the U.S., which now defines a cyber attack as an act of war. As security strategist Herman Kahn noted about the Cold War, this can be described as an “escalation ladder,” one step leading to another, further and further into an armed imbroglio that neither side fully controls or desires.

  Part of China’s international strategy revolves around the setting of technical standards, like those relating to wifi protocols. In the early 2000s, after China lobbied unsuccessfully to have its WAPI standard for wireless networking adopted internationally, its government turned to promoting WAPI (WLAN Authentication and Privacy Infrastructure) as the domestic standard instead, making many handsets less than fully functional. For example, the official Chinese iPhone offered by China Unicom didn’t include wifi (which helps explain the burgeoning iPhone grey market in the country). However, in 2010 Apple introduced a new-generation iPhone with the China-preferred WAPI wireless standard on its handsets, as did Motorola and Dell. In discussing such standards, it is noteworthy that Huawei is now the world’s largest telecom equipment manufacturer, bypassing Sweden’s Ericsson in 2011, and China’s Lenovo is now the second-largest PC maker in the world, behind only Hewlett-Packard. Technical standards are the sine qua non of cyberspace control: they shape the realm of the possible, structure the limits of what is permissible, and define a path of dependency for future trajectories of technical development that is difficult to escape. When millions of devices worldwide contain a particular country’s standards, those devices are linked to that country’s industry and manufacturing base, and contain a structure of rules that are set by the decisions of that one country.

  • • •

  While technical standards-setting may work in indirect ways to further China’s influence abroad, its policy engagement at regional and international forums is more directly illustrative of its determination to control cyberspace. China’s participation at international forums where global cyberspace rules are debated has grown significantly, its agendas more clearly articulated and promoted. The country’s representatives come in force, usually well prepared and organized around a common agenda at the Internet Corporation for Assigned Names and Numbers (ICANN), the Internet Engineering Task Force (IETF), the International Telecommunications Union (ITU), the UN Group of Governmental Experts on Cyber Security, and, as we discovered, the Internet Governance Forum. Their actions at the book launch may have been Monty Pythonesque, but the long-term effect of China’s influence on the IGF is anything but laughable. Presently the IGF reports to the UN Department of Economic and Social Affairs, whose top person just happens to be Mr. Wu Hongbo of China.

  China is also active at a regional level, as evidenced by its leadership, along with Russia, in a security alliance called the Shanghai Cooperation Organization (SCO). The SCO also includes Kazakhstan, Kyrgyzstan, Tajikistan, and Uzbekistan. Afghanistan, India, Iran, Mongolia, and Pakistan have observer status, and Belarus, Sri Lanka, and Turkey are dialogue partners. The organization is used to coordinate security concerns, primarily through the Regional Anti-Terror Structure, known by its acronym RATS. At RATS and SCO meetings member states’ security services coordinate anti-terror exercises and share information on “threats” – which many human rights groups suspect include domestic opposition groups. Transparently, the intent is to restrict citizen-led revolts like those of the Arab Spring, tied as they were to social media. At a 2012 meeting of the RATS, Sergei Smirnov, first deputy director of Russia’s secret service agency, the FSB, said: “New technologies are used by Western secret services to create and maintain a level of continual tension in society with serious intentions extending even to regime change … Our elections, especially the presidential election and the situation in the preceding period, revealed the potential of the blogosphere.”

  The information and technology sharing that goes on through RATS and SCO demonstrates a clear trend: the global surveillance industry is reaping the benefits of regimes with intense cyber-security anxiety. American, Israeli, and Canadian companies, as well as their Russian and Chinese competitors (with close associations to ruling elites), are all inserting their surveillance products and services into the systems of control that SCO is helping to propagate across the region.

  To think that the Internet embodies some kind of magical formula to resist the full weight of these pressures, let alone dissolve them upon contact, is ludicrously idealistic. The more sensible question to ask is: What will the Internet look like when the next billion users, most of whom are located in the global South and East, come online?

  5.

  The Next Billion Digital Natives

  Somalia has not had a properly functioning government since 1991, when the country began tearing itself to shreds in a brutal civil war. More than twenty years later, warring factions continue to fight over territory, people, foreign aid, and revenues from illicit activities. This quagmire has made the country one of the world’s most dangerous places, and yet Somalia also has one of the most efficient and affordable cellphone infrastructures in Africa, if not the world. In the midst of this hardscrabble, anarchic place, there is not one but four independent and thriving cellphone providers: Hormuud, Golis, Nationlink, and Telesom. Though competitors, they connect seamlessly and offer access to most areas of the country. Somalia has the lowest international call rates in Africa, a monthly fee of just $10 gets you unlimited local calls, and the wait time for a new land line is typically only a couple of days, compared to as much as three years or more in other African states. Launched in 2010, Somalia’s mobile banking service, ZAAD, allows users to transfer funds, make purchases, pay bills, and share airtime credits with friends and family. Not surprisingly, the number of Somalis connected to the Internet has exploded from virtually nil twenty years ago to almost 40 percent of the population today.

 
