2010年11月22日月曜日

中国 18分間のルーティング操作

 「中国電信」が、今年4月8日に世界のインターネット通信を18分間に
わたり、「ハイジャック(乗っ取り)」をしていたと、「米中経済安保
見直し委員会」が報告した。

報告書
・WebとEmailトラフィックが米国から中国へ転送。
・トラフィックは、大半が米国発で米国の企業や政府のサイト。
 米上院、国防長官の事務所、NASA、米商務省。
・「ハイジャック」が意図的だったのか、データの収集や遮断はあったのか、
 大量のデータにターゲット型攻撃が隠されていたのかについては不明。
・ターゲット型フィッシングメールの28%は中国発。
 「中国政府との関連が疑われる」

USCC
・上海大学大学院による工作の可能性。
・中国政府は、しばしば検閲責任を百度のような私企業に委任する。
・米国のためと言いつつ、米投資家らは、百度にかなりの資金を投入している。

Googleハッキング
・Googleがハッキング被害を報告し、同国での検索の検閲をやめると宣言。
・最終的に中国政府が検閲作業を引き継ぎ、Googleの中国での営業免許を
 更新した。
・Googleハッキング犯は、ソースコードを入手。
・Baiduに、急な改良があれば、Googleのコードを使っていることを示唆
 する材料になる。

Robin Li, Baidu CEO
・百度の勝利は、中国市場に集中し、(中国政府の方針に)進んで適応をした
 ことが理由。
・4億2000万人がインターネットを利用可能で、うち99%が百度を利用。
・国際的成長を見て日本に移転済み。

MSNも百度も現地の法律に従うとしていたので、中国国内でやっている
思っていたが、百度は日本に移転しているとのことなので、もし、日本
国内にサーバーを設置し、中国政府より指示された検閲を実施していると
すれば、日本国憲法違反となる。MSNも米国で同様なら、合衆国憲法違反だ。

最近は、クラウド・コンピュータなる構成になり、ネットワークで世界に
分散化し、設置している可能性がある。検閲のような目に見えない違反の
摘発は不可能なのかもしれない。
今回のルーティング操作も世界各地に渡るため、国外では、通信の妨害・
傍受では摘発できないと思う。

Google 北京から香港へ
グーグル Gaiaに侵入される
携帯電話は盗聴されているか
Google.cn 事業免許取得
住基カード詐取


---中国企業、ネット通信を乗っ取り 米議会が報告、傍受・改竄可能に---
2010.11.18 11:07
http://sankei.jp.msn.com/economy/finance/101118/fnc1011181108006-n1.htm

 中国の通信大手「中国電信」が、今年4月8日に世界のインターネット通信を18分間にわたり、「ハイジャック(乗っ取り)」をしていたと、米議会の諮問機関「米中経済安保見直し委員会」が17日、報告した。報告書によると、情報の傍受や改竄が可能な状態になっていたという。
 報告書は、米政府や米軍関連の電子メールなどが影響を受けた可能性があるとしながらも、実害や狙いについては不明としている。
 米国を含む多くの国のネット通信が中国にあるサーバーを経由するよう誘導することでハイジャックされたという。この間、電子メールやデータが傍受や改竄の危険にさらされたとしている。


---中国の通信会社、米国へのトラフィックを18分間「ハイジャック」――米報告---
2010年11月18日 06時00分 更新
http://www.itmedia.co.jp/news/articles/1011/18/news012.html

 意図的かどうかは不明だが、China Telecomが不正確なルーティング情報を送信し、米国サイトへのトラフィックが一時最短ルートではなく中国経由で送られていたと米中経済安全保障検討委員会が報告している。(ロイター)

 China Telecomが不正確なルーティング情報を送信し、その結果、大手企業サイトや米軍・政府サイトへのインターネットトラフィックが18分間、中国経由で送られたという事件が4月後半に発生していた。米議会の諮問機関の報告書で明らかになった。
 この件は、米中経済安全保障検討委員会が報告書で取り上げた幾つかの事柄のうちの1つ。Reutersは、11月17日(米国時間)に正式公開される報告書の草稿を入手した。
 このハイジャック事件で転送されたWebトラフィックは、大半が米国発で米国の企業や政府のサイトに向かうものだった。本来は中国経由ではなく、最短ルートで送信されるべきものだった。
 このトラフィックの一部は、米上院、国防長官の事務所、米航空宇宙局(NASA)、米商務省に向かっていたと草稿にはある。
 米中経済安全保障検討委員会は、この「ハイジャック」が意図的だったのか、データの収集や遮断はあったのか、大量のデータにターゲット型攻撃が隠されていたのかについては不明だとしている。
 「この件に関連する証拠からは、ハイジャックが意図的だったのか、もしそうなら目的は何かということははっきりとは分からない。しかしコンピュータセキュリティ研究者は、ハイジャックが可能であれば、悪意を持った危険な行為も可能になるとしている」(草稿より)
 報告書によると、ターゲット型フィッシングメールの28%は中国発だという。「この種の活動の成功事例報告は続いており、中国政府との関連が疑われるものもある」
 この報告書では、Googleと中国の対立も取り上げられている。対立が始まったのは、Googleが(中国からとみられる)ハッキング被害を報告し、同国での検索の検閲をやめると宣言したことによる。最終的に中国政府が検閲作業を引き継ぎ、Googleの中国での営業免許を更新した。
 Googleを攻撃した犯人は、ソースコードを入手したと伝えられている。おそらくは、世界で最も重要なコードだろう。専門家は、中国での GoogleのライバルであるBaiduが、突然サービスを改良しないかどうか注視している。急な改良があれば、BaiduがGoogleのコードを使っていることを示唆する材料になる。
 Googleがハッキングされたことを発表したのは異例だ。サイバー攻撃は報告されないことが多く、米連邦捜査局(FBI)の不満の種になっている。
 報告書を作成した米中経済安全保障検討委員会は、米中関係が経済や国防に及ぼす影響について連邦議会に助言するため、2000年に設立された。


---Report: Chinese company 'hijacked' U.S. web traffic---
From Dugald McConnell, CNN
November 18, 2010 -- Updated 0238 GMT (1038 HKT)
http://edition.cnn.com/2010/US/11/17/websites.chinese.servers/

Washingtom (CNN) -- Internet traffic from several U.S. government agency sites was briefly diverted through servers in China in April, congressional investigators reported Wednesday.

For 18 minutes, about 15 percent of all web traffic was redirected through China, including traffic to and from the sites of the U.S. Army, Navy, Marine Corps, Air Force, the office of the Secretary of Defense, the Senate and NASA, according to a report delivered to Congress by the U.S.-China Economic and Security Review Commission.

Investigators say the web traffic was diverted by China Telecom, a state-owned enterprise.

They do not know whether the diversion was intentional, whether the government of China played any role, or whether any sensitive data was compromised.

The report says that the irregular routing could have allowed the surveillance of users or sites, the disruption or diversion of communications and the compromising of supposedly secure encrypted sessions.

Pentagon spokeswoman Lt. Col. April Cunningham said the Defense Department "is concerned about any Internet traffic being intentionally rerouted outside of the usual operations." But, she said, "the security of Department of Defense information is not affected by misdirection of internet traffic." The Pentagon had no information to confirm whether the incident occurred, she said.

The Pentagon is in the process of establishing procedures "to address any potential current and future vulnerability," Cunningham told CNN.

Larry Wortzel, a member of the commission, said that given access to a stream of military traffic for 18 minutes, it might be possible "with really good computers" to get "a little information."

But another risk, he said, was that it could create an opening for spyware infiltration. "If you were a pretty knowledgeable intelligence service, you would get the internet addresses of everybody that communicated. And then you could essentially engineer a fake e-mail," he said, "and if someone opened an attachment, you would then insert a virus into the whole system."

The report alleges that the diversion was caused when China Telecom briefly offered a false electronic notification to internet traffic on the web, causing some traffic to mistakenly conclude that the quickest way to reach its destination was to travel through the company's servers in China.

A spokesman for the Chinese embassy in Washington rejected the claim.

"The commission's specious and unwarranted allegations against China and its enterprises are irresponsible," said Wang Baodong. "China will never do anything to harm other countries' national security, either in real or virtual worlds."

He also pointed out that China Telecom, in a statement to Reuters, has denied any hijacking of internet traffic.


---'China Telecom briefly hijacked US Web traffic'---
REUTERS, Nov 17, 2010, 03.57pm IST
http://timesofindia.indiatimes.com/tech/news/internet/China-Telecom-briefly-hijacked-US-Web-traffic/articleshow/6941501.cms

WASHINGTON: China Telecom sent incorrect routing information last April that resulted in Internet traffic to major corporate websites and US military and government sites being sent through China for 18 minutes, according to a report by a congressional advisory group.

The incident was one of several discussed by the US-China Economic and Security Review Commission. Reuters obtained a copy of the draft report, which will formally be released on Wednesday.

In the hijacking incident, the Web traffic, much of which originated in the United States and was directed toward US corporate and government websites, should have gone the shortest available route and not through China.

Some of the traffic was headed to sites owned by the US Senate, the office of the Secretary of Defense, NASA and the Commerce Department, the draft said.

The commission said it was unclear whether the hijacking was intentional or whether any data was collected or stopped, or if the massive amount of data affected concealed a targeted attack.

"Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities," the report said.

In all, the report said that 28 per cent of all targeted phishing emails, a type of scam, originate in China. "Anecdotal reports about the success of these activities continue to surface, some with compelling links to the Chinese government," the report said.

The report also discussed the battle between Google and China, which began with Google announcing that it had been hacked and that it would no longer censor searches for Beijing. Eventually, Beijing took over the job of censorship and renewed Google's license to work in China.

The hackers reportedly got Google's source code, perhaps the most valuable computer code in the world. Cyber experts are watching Baidu, Google's competition in China, to see if it improves suddenly. Sudden improvement would indicate that Baidu was using Google code.

Google was unusual in that it announced that it had been hacked. Failure to report attacks has been a source of frustration for the FBI.

The US-China Economic and Security Review Commission, which wrote the report, was set up in 2000 to advise the US Congress on the economic and national security implications of the US-China relationship.


---China Helped 'Hijack' U.S. Internet Traffic, Report Says---
By: Chloe Albanesius
11.17.2010
http://www.pcmag.com/article2/0,2817,2372914,00.asp

China has done little to improve access to and the security of the Internet in the last year, in some cases lending its support to Web-based attacks on foreign computer systems and tightening its control on the Internet, according to a Wednesday report.

Methods in China for infiltrating American computer systems as well as those of foreign governments have become increasingly sophisticated in the last year, but the average citizen in the country has fewer options when it comes to freedom on the Web, according to the U.S.-China Economic and Security Review Commission (USCC).

The USCC is charged with monitoring the national security implications of doing business with China. Wednesday's report is the 12-member commission's eighth report on the topic since 2000. It covers a variety of topics, including Internet freedoms, and this year's report includes 45 recommendations for Congress to consider.

"The Chinese government continues to maintain a sophisticated Internet filtering system to restrict freedom of speech," the report found. "Beyond filtering, the Chinese government has increasingly sought to direct public discussion over the Internet."

"Moreover, the penetration of Google's computer network this year has renewed concerns about the Chinese government's tolerance or possible sponsorship of malicious computer activity," the USCC continued.

The commission found "some lever of state support" for Chinese individuals and organizations that attacked American computer systems and those of foreign governments, vice chairman Carolyn Bartholomew said in a statement.

"In addition, for a brief period in April, Chinese Internet service providers 'hijacked,' or inappropriately gained access to, U.S. Internet traffic," Bartholomew said. "This incident affected numerous government sites, including those for the Senate and the Office of the Secretary of Defense."

In a statement provided to Reuters, China Telecom denied hijacking U.S. Internet traffic.

Earlier this year, Google discovered a sophisticated attack that originated in China, which was designed to steal Google intellectual property and access the Gmail accounts of Chinese human rights activists. As a result, Google said it would stop censoring its search results in China, and possibly pull out of the Chinese market altogether depending on the reaction of Chinese officials.

In a white paper released earlier this week, Google said that Internet censorship acts as an impediment to free trade; a position the USCC said was persuasively argued.

"In order to successfully reduce restrictions on and disruption of the Internet, governments must focus on three critical areas as they negotiate trade agreements: advancing the unrestricted flow of information; promoting new, stronger transparency rules; and ensuring that Internet services can be provided without a local investment," Google wrote.

"An open Internet has been and remains an absolutely critical component of the new information economy's ability to empower individuals and create shared information markets," Google continued. "Closed systems are antithetical to the Internet's success and will significantly disable its potential to support trade and innovation going forward."

Unfortunately, China does not appear to be moving away from a closed system, the USCC found.

"Our report notes that over the past year China has continued to tighten its control on the Internet, dashing hopes for the Internet to act as a means to liberalize Chinese society," Bartholomew said. "Authorities skillfully balance the need to limit speech and information on the Internet against the Chinese public's desire to participate in discourse about the country's social conditions."

The USCC said China often delegates censorship responsibilities to private companies, like Baidu. The fact that Baidu is "heavily funded by American investors [has] implications for the United States," Bartholomew said.

Google said that governments should honor World Trade Organization obligations "and develop new international rules that provide enhanced protection against these trade barriers of the 21st century."

The USCC said this approach "is particularly important in light of the proliferation of state-based Internet censorship, now employed by some 40 countries-a tenfold increase over the past decade."


---Internet traffic 'hijacked' to China servers, says US report
By Alex Ogle (AFP) - 20101117
http://www.google.com/hostednews/afp/article/ALeqM5jyMTQ5NC3NQp8H392y76tRr0mdcg?docId=CNG.1797823ab39beb1b4529f9e46c0c7c4c.291

WASHINGTON - Highly sensitive Internet traffic on US government and military websites was briefly "hijacked" and routed through Chinese servers earlier this year, a report to the US Congress said Wednesday.

For 18 minutes on April 8, a Chinese state-owned telecommunications firm rerouted email traffic to and from websites of the US Senate, the Department of Defense, along with "many others" including NASA and Department of Commerce, said the US-China Economic and Security Review Commission's annual report.

Some 15 percent of the Internet's entire traffic was routed through Chinese servers during this brief period in the late morning US time, said the report.

"We don't know what was done (with the data) when they got it," commissioner Larry Wortzel told reporters Wednesday, noting it was not established if the traffic hijacking by China Telecom was intentional and sanctioned by Beijing.

The rerouting began at a smaller Chinese Internet Service Provider (ISP) called IDC China Telecommunication before being propagated by China Telecom.

"When I see things like this happen, I ask, who might be interested with all the communications traffic from the entire Department of Defense and federal government," Wortzel said, adding: "It's probably not a graduate student at Shanghai University."

The efforts of Chinese individuals and organizations to penetrate US networks "appear to be more sophisticated than techniques used in the past," cautioned commission vice chair Carolyn Bartholomew.

"The massive scale and the extensive intelligence and reconnaissance components of recent high profile, China-based computer exploitations suggest that there continues to be some level of state support for these activities," Bartholomew said.

Leading Web security firm McAfee has warned of a rise in cyberattacks with political objectives, pointing to China as one of the major actors launching assaults on foreign networks.

US targets include the White House, Department of Homeland Security, US Secret Service and Department of Defense, McAfee said in its report last year.

"What could you do if you had the stream of email traffic for 18 minutes" to and from the US Joint Chiefs of Staff, asked Wortzel on Wednesday, saying that "most importantly you would get the Internet addresses of everybody that communicated," and be able to engineer an address to plant a virus.

Former US intelligence chief Michael McConnell told lawmakers earlier this year that the United States would lose a cyberwar if it fought one today, warning: "We're the most vulnerable, we're the most connected, we have the most to lose."

McConnell, who served as ex-president George W. Bush's director of national intelligence, warned a Senate panel in February that because the United States was not failing to effectively mitigate the risk, "we are going to have a catastrophic event."

China's capacity to launch cyberattacks on US commercial interests was also highlighted this year after Internet giant Google threatened to completely shutter its operations in the Asian country, saying it became the target of a series of sophisticated cyberattacks there.

The commission on Wednesday recommended Congress call on the administration of President Barack Obama to formally investigate the "volume and seriousness of exploitations and attacks" targeting federal agencies that handle sensitive military and diplomatic information.


---Baidu CEO: We tried harder than Google in China---
November 15, 2010 | Anthony Ha
http://venturebeat.com/2010/11/15/baidu-robin-li-google-china/

Robin Li, the chief executive of Chinese search engine Baidu, made a rare US appearance at the Web 2.0 Summit today, where he answered questions about his success - and about why competitor Google failed to make any real headway in China.

One of the common explanations is that China’s government backs Baidu and created obstacles for Google, but Li said that it’s a “misperception” to believe that “Baidu is the only game in town.” Instead, he said, Baidu won because it was willing to focus on and adapt to the Chinese market.

“First of all, we did try harder,” Li said. He noted that when he returned to China from Silicon Valley 10 years ago, he gave up all his stock options in his old companies, and Baidu “basically did nothing but Chinese search” for a decade. During its first five years, Baidu tripled the size of its search index every year, compared to other search engines that only increased by 30 or 50 percent.

There are obstacles to working in China, such as government censorship and slower internet load times, but companies need to be patient and adaptable, Li said. For example, he had heard complaints that the bureaucracy makes it more time-consuming to legally establish a company in China than in the United States. But while Li was waiting for the business license, Baidu rented office space and started writing code.

“The censorship issue, the bureaucracy, the slow internet connection, those are the things you really don’t have control of,” Li said.

And China’s startup environment is different from the situation in the US, he added. For one thing, Silicon Valley venture capitalists poured a lot of money into the region before Google’s arrival, creating a very competitive landscape. For another, many talented Chinese engineers in the US are willing to come back to China to work for a startup or to create their own.

“If you are not prepared to compete in this kind of market, you’re not going to be successful,” Li said.

So how dominant is Baidu? Li said there are 420 million people online in China and that 99 percent of them use Baidu.

As for future plans, Li said Baidu is looking at international growth and has already moved into Japan. Taking on Google in the more-established US market is not a priority, however.

“If we [come] up with ideas that are different and better, we will do it,” Li said. “Otherwise, we will wait.”

0 コメント: