Today, a new report was released by the U. S.-China Economic and Security Review Commission. The Commission, created in 2000 to monitor the security implication of trade with China, publishes an annual report to Congress that covers eight mandated areas: proliferation, economic trade, U.S. capital markets, regional security, bilateral relations, energy, WTO compliance, and free expression. So far, the press has been most interested in the report’s section on free expression, particularly regarding China and the Internet.
The report’s most explosive finding is that in April 2010, for approximately 18 minutes, traffic to 15 percent of the world’s Internet destinations was diverted to China. China Telecom’s routers sent out messages saying that their networks would be the fastest route between any two points. Any data that then passed through China and was unprotected could theoretically have been copied and read. No one knows why it happened. Or as the report puts it, “Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends.”
But as the report and other analysts have noted, it is not as rare an event as you might expect. Dmitri Alperovitch, vice president of threat research at McAfee, told National Defense Magazine that this type of accident happens a few times a year. Network operators in Pakistan brought down YouTube around the world in 2008 when they blocked it from Pakistan. This incident was different because of the amount of data diverted, but the possibility of hijacking is intrinsic to the architecture of the Internet; telecoms work on a system based on trust.
Reactions to the Commission’s findings seem to fall into three categories: more Chinese perfidy on the Internet; let’s not blow this out of proportion; and the Internet is really not a very safe place. All three sound about right to me.
Photo courtesy Reuters/Stringer Shanghai