China accused of using Belt and Road Initiative for spying

FINANCIAL TIMES

14-8-18

China accused of using Belt and Road Initiative for spying

Report identifies growing cyber espionage threat in countries across Asia and Europe.

Stefania Palma

Chinese cyber espionage linked to the Belt and Road Initiative is increasing, with experts warning that Beijing is using the huge infrastructure project to spy on companies and countries as well as to damp down dissent.

The country is alleged to have targeted Belarus, the Maldives, Cambodia, European foreign ministries and non-governmental organisations, according to the report by US cyber security company FireEye.

“They appear to be interested in countries where there is a lot of money at stake for them or where policies are being created that would affect future projects,” said Sandra Joyce, vice-president of FireEye.

The BRI initiative has already come under attack from critics, such as Malaysian prime minister Mahathir Mohamad, who has alleged that China has negotiated “lopsided” deals.

Now the project could present a cyber threat as well, raising further questions about the bidding process and China’s motives.

Samantha Hoffman, a research consultant at IISS, a think-tank, said that beyond monitoring mega-projects or information gathering, China likely wanted to use data collected to damp down dissent. “It’s also about controlling debate and ideas where that has specific security and diplomatic consequences,” she said.

Ms Hoffman has written that “data courier stations” in foreign countries including ecommerce platforms, Confucius Institutes, telecoms networks, transportation companies, hotels, financial payment institutions and logistics companies “would send data via back-ends to a centralised analysis centre in China”.

Under Beijing’s national intelligence law, Chinese organisations and citizens are called to collaborate in the collection and guarding of “national intelligence work”, with the state offering them its protection.

FireEye warned that Malaysia was open to “the heightened risk of cyber espionage” in the light of Mr Mahathir’s criticism since his election earlier this year.

“We expect espionage activity against Malaysian organisations will increase in an attempt to gain insight into current events,” said Ms Joyce.

FireEye alleged that a Chinese hacker group called TEMP.Toucan had already tried to breach Malaysian public and private organisations.

The report also found that a Chinese cyber espionage group called Roaming Tiger had targeted Belarus, where China is building its biggest European industrial park. ZTE, the Chinese state-owned telecoms company that was banned from purchasing equipment from the US earlier this year, is among the park’s investors.

FireEye also said malware “unique to Chinese espionage groups” attacked international non-governmental organisations with links to the BRI in late 2017 and that phishing emails targeted multiple European foreign ministries.

Chinese authorities could not be immediately reached for comment.