As a Strategist post earlier this week reported, former CIA head Michael Hayden has accused Chinese Telecommunications company Huawei of snooping for the Chinese Government. Huawei isn’t new to controversy, after being blocked from working on the NBN due to ‘security concerns’ in 2012. But this story is significant as it’s the first time a senior official has categorically and publicly implicated the company in spying. This news rounds off a bad week for Huawei after the UK Parliament’s Intelligence and Security Committee (ISC) handed down a report outlining concerns with Huawei’s Cyber Security Evaluations Centre. In what the ISC sees as a direct conflict of interest, the Huawei staffed cell is responsible for providing security assurance on Huawei products. The ISC is now calling for GCHQ to staff the centre.
China’s Ambassador to Australia Chen Yuming has responded to the allegations, calling General Hayden’s comments a politically motivated attack. The Ambassador went on to distance both Huawei and the Chinese Government from cyber espionage, saying “There may be some people doing things the article referred to, but it is not Huawei or China for sure.”
The New York Times has an intriguing piece on the online trade of hacking codes. Individuals and groups are actively searching for and selling ‘zero day’ flaws to the highest bidder. Zero day vulnerabilities are coding flaws in software or applications that the creator isn’t aware of. These flaws can then be exploited to allow unrestricted access to affected computers. With an online market consisting of big business, domestic and foreign governments and the software vendors themselves, a flaw can reap a finder’s fee of anywhere from $35,000 to $160,000.
Samir Saran and Abhijit Iyer-Mitra have a thought-provoking commentary piece in The Hindu on the challenge governments have in protecting individuals in cyberspace whilst not invading their privacy. It also discusses the lax enforcement of India’s privacy regime and raises concerns over the security of gathered data.
The Russian Federal Guard Service (FSO in the Russian acronym), the Kremlin’s information security body, has a novel solution to maintaining information security in the age of Wikileaks, PRISM and Edward Snowden. The Service is spending $16,200 to procure old style electronic typewriters. An FSO source told a Russian newspaper that documents produced on the typewriters were easier to trace back to individual machines and signalled a broader move back to paper based communication.