Lenovo has confirmed that a “high severity” security vulnerability has left users of specific network-attached storage devices with data exposed to anyone who went looking for it. How much data? How does at least 36TB grab you? That’s the number that the security researchers who uncovered the vulnerability in the Lenovo-EMC storage products put on the data leak at the time of the discovery.
According to the Vertical Structure report, security researchers found “about 13,000 spreadsheet files indexed, with 36TB of data available. The number of files in the index from scanning totaled 3,030,106.” Within these files, the report reveals, a “significant amount” with sensitive financial information including card numbers and financial records were found.
It is well known that the Chinese government has the country on lockdown: people are monitored 24/7 with millions of CCTV cameras; the “Great Firewall of China” blocks access to unapproved content and tracks attempts to circumvent it; municipal party leaders keep tabs on citizens. All networks and equipment are operated by companies either owned by the government or are beholden to them.
All surveillance data is aggregated into a unified system of social credits intended to standardize the assessment of the social and financial reputations of individuals and firms.
People who don’t live up to the Chinese government standards are sent to “transformation-through-education” or reeducation camps and generally are denied due process to defend their activities, according to Amnesty International. In practice, not a single bit of information moves outside of the government’s purview.
It’s curious then why more cyberattacks originate from China than any other nation. Indeed, if China was so concerned about law and order, they could...
Chinese tech giant Huawei wants to help construct Germany’s 5G network. The new technology will radically increase mobile internet speeds. A Chinese company, in other words, is aiming to bring Germans faster internet access.
Ironically, China’s government has done everything in its power to isolate the country’s internet and social media platforms from the outside world. It has deployed state of the art technology to hamper the ability of Chinese people to learn what is happening in Germany and elsewhere around the globe.
China does everything it can to block access to information, particularly from the foreign press. So letting a Chinese firm build Germany’s 5G network is...
Intelligence officials believe China may have been behind a massive data breach which compromised the personal details of thousands of Australian National University students and staff.
The Sydney Morning Herald reports that senior intelligence officials have pointed the finger at China as one of only a few countries capable of pulling off the hack, which compromised up to 19 years’ worth of personal data from students and staff.
The ANU revealed the breach on Tuesday, with vice-chancellor Brian Schmidt saying the university had detected an “unauthorised access to significant amounts” of data including the bank numbers, tax details, academic records and passport details of students and staff dating back almost two decades.
The Australian Signals Directorate said the hack appeared to be the work of a sophisticated actor, and now intelligence officials are reportedly pointing the finger...
Supply chain vulnerabilities have leapt to national attention thanks to concerns about Chinese companies Huawei and ZTE, the subsequent ban of their products from use by the federal government, and President Donald Trump’s adding Huawei to a list of entities with whom U.S. companies are prohibited from doing business.
While those actions address some of the supply chain risks from some companies, one-off bans of problematic companies will not be sufficient to protect the country. As Federal Chief Information Security Officer Grant Schneider notes, these are merely “whack-a-mole solutions to a challenge that we need a far more systemic approach to.”
The good news is that government officials are finally starting to pay attention to the vulnerability of their supply chains. Last year, the Department of Homeland Security formed an Information and Communications Technology supply chain task force filled with representatives from both the public and the private sectors. A law passed last December led to the creation of the new Federal Acquisition Security Council, which held its first meeting last month. And the White House recently released an executive order prohibiting the acquisition or use of any information and communications technology or service coming from a company deemed a national security threat.
The U.S.-China trade war is making headlines, but the most important aspect of the long-term economic competition with China isn’t soybeans or natural gas, it’s technology. The dual flashpoints of economic espionage and backdoor surveillance could precipitate the great uncoupling of the world’s two largest economies.
Although American politicians have just started to pay attention, China has been engaged in a decades long, systematic, state-sponsored effort to steal U.S. technology. Beijing has relied heavily on stolen trade secrets and intellectual property to build its own indigenous manufacturing and technology base. Recent U.S. intelligence community estimates suggest that China employs 30,000 military cyber spies and 150,000 private sector cyber experts whose job is to steal foreign secrets and technology.
As China has caught and even overtaken the competition in critical technologies, the United States and other countries have taken notice. In 2015, the Obama...
Social media giant Facebook is blocking the preinstallation of all its apps on Huawei phones according to a report.
Reuters got the exclusive, but seems to actually have official confirmation from Facebook rather than the ‘people familiar with the matter’ that are so common these days. The company told Reuters that it won’t be allowing the preinstallation of Facebook, WhatsApp and Instagram on Huawei phones.
The move doesn’t apparently extend to stopping people installing the apps themselves or somehow trying to prevent their use if they do, which would have set an interesting precedent. There’s also no mention of geographical parameters, implying Facebook has gone for a global ban just to make sure it doesn’t upset the US government. A person familiar with the matter was finally dug up to add weight to the sense that this is a global ban.
This just the latest metastasis of the heat the US has been laying on Huawei, superficially over concerns about security and industrial espionage, but more deeply as...
President Donald J. Trump recently signed an Executive Order restricting US firms from using telecom equipment manufactured by foreign businesses deemed national security threats, and the Department of Commerce, based upon a Justice Department indictment against the firm, banned American firms from selling and licensing components to Huawei.
this debate is more complex than the role of a single company or technology and published this research note The story behind the Huawei story and this note: The debate about network security is more complex than Huawei. Look at Lenovo laptops and servers and the many other devices connected to the internet.
Just as the role of cybersecurity in mobile networks is important, so it is in satellite networks. Chinese players have come to dominate many areas of mobile networks, including network equipment, devices, and services, and the Chinese satellite industry has developed a similarly broad set of enterprises. President Xi Jinping is driving the process for the Chinese to have a leading position in the global satellite industry, and the emergence of a national satellite champion for satellite, the “Huawei of Satellite” so to speak, is likely.
The satellite industry is engaged in a technological and economic transformation to discover how to deliver faster and better broader for less money. Globally the...
Last week President Trump signed an Executive Order restricting U.S. firms from using telecom equipment manufactured by foreign businesses deemed national security threats, and the Department of Commerce based, based upon a Justice Department indictment against the firm, banned US firms from selling and licensing components to Huawei. While the decision deserves praise, a larger discussion is urgently needed about how firms affiliated with the Chinese government and military (e.g. ZTE, Lenovo, Tianma Microelectronics etc) may imperil national security, intellectual property, and personal safety.
Strand Consult believes that this debate is more complex than the role of a single company or technology and published this research note The story behind...
On a summer evening in 2004, as the Supercomm tech conference in Chicago wound down, a middle-aged Chinese visitor began wending his way through the nearly abandoned booths, popping open million-dollar networking equipment to photograph the circuit boards inside, according to people who were there.
A security guard stopped him and confiscated memory sticks with the photos, a notebook with diagrams and data belonging to AT&TCorp. , and a list of six companies including Fujitsu Network Communications Inc. and Nortel Networks Corp.
The man identified himself to conference staff as Zhu Yibin, an engineer. The word on his lanyard read “Weihua”—an accidental scramble, he said, of his employer’s name: Huawei Technologies Co. The next day, says Peter Heywood, a co-founder of telecoms research firm Light Reading, the engineer appeared rumpled and bewildered, saying it was his first time in the U.S. and he wasn’t familiar with Supercomm rules forbidding photography.
Huawei has since grown from a little-known interloper into China’s global tech champion, the world’s biggest maker of telecoms gear, a leader in next-generation 5G networks, and...
