The year was 2008, location British Library London, the event a IT Security Conference sponsored by the UK Governments Home Office where I was giving a presentation and sitting on a panel, when a QA was posed by a delegate relating to possibility of China and their involvement in Cyber Attacks – See URL below
https://www.itnews.com.au/news/china-blamed-for-cyber-terrorism-118089
Having already studied and researched the previous 2007 Titan Rain (TR) Cyber Attacks on the UK, US, and German Governments (See Fig 1 – media cover) with the TR attacks identified as coming from servers in China, whilst the Chinese government were never officially accused of being behind the cyber assaults, basically I was the first Cyber Security Professional to remark in public to directly accuse the Chinese Government of being behind these technological attack-by-wire aggressions – adding that, if an attack can come out of one of the most locked down domicile firewalls in the world, where every digital-breath is potentially monitored, the attacks were either:
- State Sponsored
or
- State Tolerated
Adding that, what we were seeing here was the tip of the iceberg of state-sponsored electronic terrorism from that region. Unbeknown to me at the time, my comments had caught the attention of a young journalist named Robert Blincoe who had taken great interest in my remarks, and followed up by posting an article on ITN news the following day. However, what was also unknown to me at the time was, amongst the delegates was a Chinese Professor from the University of Aberystwyth, North Wales (UK), who during the lunch break verbally and aggressively attacked me in public with some gusto – and as I recall the exchange was recorded by said journalist who was standing close by the vicinity – it would seem my words had touched a very sore point in many places. However, it did not stop there as the following day I received multiple calls from Home Office representatives, and was informed that a formal complaint about my remarks had been made to Gloria Laycock, director of the UCL Centre for Security and Crime Science (very amusing if you consider the opposite connotations) – it would seem that my world was about to get very messy, and it did. A number of indirect and direct threats were made, some via email, others via telephone, and it was looking like I was in a mindset with a majority of one. That said, one bright spot on the horizon came from a very senior officer in the then, Metropolitan Police Computer Crime Unit who said ‘Well done, you said what everybody was thinking, but no one dared!’.
Fig 1 – Titan Rain Media Coverage 2007
The problem with my remarks apparently was, they were untimely and unhelpful as Beijing were hosting the Olympics in that very year, and notwithstanding there was known-known awareness that many UK and International delegates attending this prestigious event would most likely be tapped whist using unguarded Hotel WiFi networks, the political posture stood firm, and visitors were left wanting with zero advice in the way of a public security awareness brief. Amazingly as it may seem, it was in 2010 when the UK Government Cabinet Office published a limited distribution RESTRICTED report advising that China posed a ‘severe electronic threat’ to the UK, but still no real alert was published to Joe and Mary Public – and of course, during this time with the backdrop of now Cabinet Office accepted known-known dangers, the UK/BT/Vodafone saw fit to start deploying HUAWEI kit to be woven into the very fabric of the UK’s telecommunications infrastructure!
During my time researching the Chinese Threat, I am also aware on a first hand basis as to some related Chinese transgressions – at that time, one of the UK’s most senior MP’s was visiting China on Government business, who had not used their laptop whilst in the region – yet as if by magic, upon return to the Houses of Parliament (HoP) discovered, once connected, the laptop was hosting an added malicious component which, upon connection started to poll and probe the HoP network. I am also aware from a first-hand public, none intrusive OSINT (Open Source Intelligence) discovery that one of the UK’s most Central Banks with responsibilities for Cyber Security were implicated and connected into remote systems hosted on a .cn domain (China) – they were completely unaware!
When we arrive at the HUAWEI discussion, notwithstanding many have been either supporting, or silent on the subject, and surprising as it is, including the UK’s Centre for Cyber Security, we now seem be seeing some common (uncommon) sense prevail, and are finally seeing real-world acknowledgement of the actual risk this hostile government holds to UK interests. Sadly, and with some frustration on the news run on14 July, the now promoted Security Editor Rohit Kachroo seemed to imply that the UK were taking the course of action against HUAWEI to placate the US – I can only reason here that Mr Kachroo in his new role is unaware and/or uneducated to the past activities of Chinese Cyber Aggressors – it may also serve a purpose on an educational front or him to read Unrestricted Warfare written by the People Liberation Army, Qiao Liang and Wang Xiangsui – See Fig 2 below.
Fig 2 – Unrestricted Warfare
On another point-of-order, could it be that having seen the global economic, health and psychological devastation caused by the coronavirus and COVID-19, has at last helped persuaded the UK Government to sit up and acknowledge the dangers of a region, who are seemly out of control, and who pose a very obvious threat to global security and stability – and for me, the jury is out as to if the current pandemic has been caused by filth or the hands of Bio Engineers, only time will tell on that one (See Fig 3)!
Fig 3 – Overlay Map of Wuhan 2020
And as if the pandemic is not enough to keep us all locked in to the New World Order, even now we see the potential dangers of full scale Cyber Attacks out of the region of China – if that doesn’t convince anyone the Chinese Government are a real threat, then I give up!
As a closing thought I wonder – whilst we have overtly kicked out HUAWEI, will we known where their smaller electronic elements may creep in to other devices such as laptops and cell phones for example – we now need to be on our guard, as the potential for all out Aggressive Cyber Invasion is now upon us!To summarise, in the wake of what has gone, many in the establishment would still seem to have us believe that the reason for pulling HUAWEI is simply a matter of commercialism, which in my opinion is very far off the truth. But at least we have come to a firm agreement that the company is not a good fit for our secure purpose – I guess all we have to do now is consider the imposition of the Chinese role in the deployment of Nuclear Reactors in the UK!
John is the Principle at Shadow-Intelligence (Si), partnering with PALISCOPE, BreachAware and iStorage. He is a Visiting Professor at the School of Science and Technology, Nottingham, Trent University (NTU) and holds the appointment of Editor in Chief for the International Journal of Cyber Forensics and Advanced Threat Investigations (CFATI). For the last decade he has delivered training courses in the Middle, and Far East to Commercial, Industrial, the Financial Services Sector, and Military Agencies, including the UAE, US, Pakistan, Saudi Arabia, Malaysia (KL), Singapore, Argentina, and Sao Paulo
He served in the Royal Air Force 22 years’, specialising in Counterintelligence, working with UK Agencies such as GCHQ/CESG, and others in the fields of SIGINT, COMINT and Satellite Communications, holding appointments such as System ITSO for a CIA SCIF.
In the commercials sectors of IT/Cyber he has worked for/with Logica, Bae, T5, GM, Experian, Betfair, Palace of Westminster, House of Lords/Commons, TSol (Treasury Solicitors) and provided Consultancy to the Saudi Arabian MOD, TRA (Telecommunications Authority (Dubai) and the Military Academy of Malaysia (KL) on SOC, CSIRT, Digital Forensics and OSINT. Within the last 5 years he has focused on Geopolitics, with global expertise around the UAE and Russia, Anti-Terrorist Operations (ATO), Cyber-Warfare, Dezinformatsiya (Disinformation) and Maskirovka (Military Deception).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.