BERKELEY, CA - A report submitted to the U.S. Congress by the U.S.-China Economic and Security Review Commission (USCC) on Nov. 17 has made a point of noting that on April 8 this year, Internet traffic, including that from U.S. military sites, was wrongly redirected to China.
Internet traffic was redirected through the servers of China Telecom for a total of 18 minutes. The report details the redirection of nearly 15 percent of the world’s Internet traffic to Chinese servers.
It says that traffic from .gov and .mil websites was affected by the 18-minute-long April 8 redirection, including those for the Senate, all four military services, the office of the secretary of defense, the National Aeronautics and Space Administration (NASA), the Department of Commerce, the National Oceanic and Atmospheric Administration, as well as commercial websites including those of Yahoo, Microsoft and IBM.
This report notes all of this, and yet people may ask why the temporary redirection of Internet traffic is a problem.
This is because, from the point of view of Internet security, control over diverted data could possibly allow a telecommunications firm to compromise the integrity of secure encrypted sessions.
Possible diversion
The redirection could have enabled surveillance of specific users or sites. It could allow a diversion of data to somewhere that the user did not intend.
Therefore, a redirection of this kind is a very serious matter, especially with regard to sensitive government or military information.
So, how did China Telecom react to this report?
I spent a long time looking online, and all I could find was this comment: A top official at the company, in an exclusive interview with Xinhua News Agency, said that "these so-called reports by foreign media are completely groundless."
Not the first time
Of course, this isn't the first time that the Chinese government and departments under its control have been accused of presenting a threat to global Internet security.
Everyone will remember Google's announcement at the beginning of this year that it would pull out of China, and that its e-mail infrastructure had been the target of a cyber-attack originating from a server inside China. A lot of the e-mail accounts targeted as a result of this attack belonged to Chinese human rights activists.
I'm sure everyone around the world will also remember a report issued by the Canada-based Munk School of Global Affairs on March 18, 2009, which revealed a vast network of cyber-espionage, encompassing traffic from banks, embassies, foreign ministries and other government departments in 103 countries and across more than 1,000 government and personal computers.
This is the famous GhostNet.
GhostNet
Pretty much all of the computers that control GhostNet are based in China. Of four servers, three are in China: on Hainan Island, in Guangdong and Sichuan provinces. One of the main targets of this network is the Tibetan Government-in-Exile, which had some of its computers compromised.
Even more reason to believe that relevant Chinese government departments are behind this.
We have already had more than one incident threatening global Internet security that bears the imprint of the Chinese government.
Now, the USCC is bringing up this report of a major redirection of Web traffic, in particular, one where records show clearly that the China Telecom server gave incorrect routing instructions to the traffic.
Denial
On top of that, we have this denial from China Telecom, reported by none other than Xinhua News Agency, which says that the foreign media reports are "completely groundless," without giving any reason for the incident.
If China Telecom can't give a credible explanation for the redirection of Web traffic, then it will have proved by omission the existence of intentional controls over Internet traffic.
Xiao Qiang is an adjunct professor at the Graduate School of Journalism, University of California at Berkeley.