A digital backdoor is a method of gaining access to a computer system or encrypted data that circumvents the system’s standard security procedures. A developer may design a backdoor to allow access to an application or operating system for debugging or other purposes. However, attackers frequently utilise backdoors that they discover or install as part of an exploit. In some circumstances, a worm or virus is designed to exploit a backdoor left open by an earlier attack. A backdoor allows hackers to access encrypted data, which is a security concern since threat actors are constantly looking for vulnerabilities to exploit.
The Chinese government and the People’s Liberation Army have invested heavily in cyber warfare. They have identified telecommunication companies such as Huawei and ZTE Corporation as providing the potential for backdoor access to data through the equipment they install in approximately 145 countries and 45 of the world’s top 50 telecom centres. These backdoors enable Chinese authorities to spy on proprietary information and sometimes to manipulate it. In certain situations, these backdoors enable them to carry out sabotage activities.
Huawei was essentially unknown outside of China in 2000, but by 2009 had grown to become one of the world’s largest, second only to Ericsson. These shocking revelations come from technological experts familiar with Huawei, the firm, and the Chinese authorities. According to several sources, China now has access to around 80% of the world’s telecoms and is working on the other 20%. The Chinese government has “pervasive access” to the majority of the world’s communication hardware, owing to backdoors it has ordered inserted in Huawei and ZTE Corporation equipment. As a result, any data travelling via any Huawei-equipped network is insecure unless encrypted using military-grade encryption. Even then, one source cautioned, “there is little question that the Chinese will labour tirelessly to decrypt everything encrypted that they intercept.” According to various sources, most enterprise telecommunications networks employ “very low encryption” on their virtual private networks, or VPNs.
In another incident, US cyber security researchers Pierre Kim and Alexandre Torres discovered a “backdoor” in Chinese networking equipment in July 2020, allowing anyone with the necessary tools to access the machines. Vulnerabilities in the devices might allow nearly anyone to access Telnet accounts, which can be used to remotely access popular networking devices from Chinese companies C-Data and V-SOL. The researchers cautioned that the backdoor may provide hackers with “full administrator Command Line Interface access.”
On March 1, 2022, Symantec, a US-based cyber security firm, announced that it had discovered a “potent” Chinese hacking tool that had been hidden from public view for more than a decade. Daxin, as the virus is known, is without a doubt the most advanced China-linked malware, acting as a digital conduit to Chinese servers capable of harvesting critical information from adversaries. Daxin is a covert backdoor meant to control and exfiltrate data from endpoints on difficult-to-crack corporate networks. According to Symantec’s study, Daxin was produced by Slug, also known as Owlproxy, a threat actor with ties to the Chinese government. It was discovered in 2013 and was already capable of evading detection by state-of-the-art antivirus technologies a decade earlier. It remained inactive until late 2019, or, which is also a possibility, security professionals were unable to identify it until then. At that point, it resurfaced and began attacking the telecommunications, transportation, and manufacturing industries during 2020 and 2021. What distinguishes Daxin from other malware is its unusual appearance and the manner in which it communicates with the C2 server. The malware is defined as a Windows kernel driver that monitors network data for patterns. Another feature distinguishing Daxin from other malware is its capacity to establish a complicated communication channel across several endpoints, enabling persistence on heavily fortified networks. Symantec did not disclose the names of the firms targeted this time.
In the aftermath of the Galwan Valley skirmish with China, the Indian government proceeded to ban various Chinese apps from Indian mobile stores. Following China’s unwarranted aggression and attempted territorial robbery in Ladakh, this step became vital for a strong Indian reaction. Resisting digital colonialism also demonstrated that India would not tolerate Chinese attempts to seize or even influence any Indian asset, including consumer data.
This motif was prevalent throughout the world. The Indian steps were applauded in several countries, and the Chinese technology sector subsequently took a nosedive. Global scrutiny and the Chinese regime’s illiberal domestic repression have suffocated consumer internet enterprises. As they seek new bounce-back chances, these corporations increasingly attempt to re-enter India via the backdoor.
Even if we can successfully avoid Chinese products, our cyber environment is unprotected. Electronic intrusions are allegedly carried out remotely via the commercial networks created by Chinese telecommunication hardware manufacturers like Huawei and ZTE in many nations. Organisations interacting via VPNs with partner companies in countries where Huawei and ZTE have placed network equipment are at risk of being compromised.
Not only do Huawei and ZTE dominate the world’s communication infrastructure, but they are still developing. The two companies benefit significantly from telecommunications initiatives in Malaysia with DiGi, Globe in the Philippines, Megafon in Russia, Etisalat in the United Arab Emirates, America Movil in some countries, Tele Norte in Brazil, and Reliance in India.
These deals are being made because the Chinese government supposedly subsidises Huawei and ZTE Corporation’s equipment. State-backed Chinese banks fund this Chinese telecommunications infrastructure. These companies do not pursue payment on any of the equipment for years. This makes them highly desirable, as Western corporations cannot compete on domestic and international development projects.