Donald Trump made some questionable remarks this week that have rightly caused an almighty backlash. But one thing he did that may have more support, is sign an executive memorandum which will most likely lead to a lengthy investigation into alleged widespread Chinese theft of US IP. This is a big deal in Silicon Valley and something that has irked US business in general for years.
The question is, will this latest strategy actually result in any concrete changes on the Chinese side? As you can see from this new IDG Connect piece, I’m not convinced.
Years of theft
There are few things Democrats and Republicans agree on, but one is that China has had things far too long its own way when it comes to trade. The US trade deficit between the countries grew to $310 billion last year, helped by the growing dominance of Chinese businesses. Many of these have been able to accelerate their growth and maturation thanks to IP either stolen by hackers from US counterparts or take via forced joint ventures and tech transfers. Many of them are selling back into the US or their huge domestic market, undercutting American rivals.
Chinese firms don’t have the same restrictions around forced JVs and tech transfers to enter the US market. In fact, the likes of Baidu even have Silicon Valley R&D centres where they’re able to recruit some of the brightest locals, while government-backed VC firms have been funding start-ups to continue the seemingly relentless one-way IP transfer.
There are, of course, more nuances to the dynamic, but you get the point.
So, will this investigation get us anywhere? After all, it will empower the President to take unilateral action including sanctions and trade embargoes. Well, on the one hand, little gain can be made from stopping Chinese IP hackers, as they have stopped outright theft ever since a landmark Obama-Xi deal in 2015, according to FireEye Chief Intelligence Strategist, Christopher Porter.
“If anything, discontinuing straightforward theft of intellectual property for strictly commercial purposes has freed up Chinese actors to focus more on these other targets than ever before, so the risk to companies before and after the Xi Agreement depends heavily on what industry that company is in and what sort of customer data they collect,” he told me via email.
That’s not to say the Chinese aren’t still active in cyberspace, but it’s less around IP theft, which is the focus of this investigation, Porter added.
“We have seen an increase in cyber threat activity that could be Chinese groups collecting competitive business intelligence on US firms selling their products and services globally—several companies that were targets of proposed M&A activity from would-be Chinese parent companies were also victims of Chinese cyber threat activity within the previous year, suggesting that they may have been targeted as part of the M&A process to give the Chinese company a leg-up in negotiations,” he explained.
Which leaves us with JVs and tech transfers, which have provided Chinese companies with vital “know-how” and “know-why” over the years. To my mind, if there’s any area where the US can and should focus its diplomatic and negotiating efforts, it’s here. However, as reports in the past have highlighted, it took China years to construct a gargantuan, highly sophisticated tech transfer apparatus, and it won’t be looking to bin that anytime soon, especially with the Party’s ambitious Made in China 2025 strategy now in full swing.
Neither side will want to become embroiled in a trade war. The US has too many companies which count China as a major market – it’s Apple’s largest outside the US, for example – and Chinese firms are doing very well selling into the US, as that huge trade deficit highlights.
In the end, my suspicion is that this is just another bit of Trump tough talk which will actually produce very little.
“This long-awaited intervention should also probably be viewed in the larger picture of the way the Trump administration operates: in terms of ‘carrot and stick diplomacy’,” Trend Micro European Cyber Security Strategist, Simon Edwards, told me.
“It is also well documented that the US administration is trying to use trade deals to get action on the situation in North Korea; and perhaps this is more of a stick to be used with the accompanying ‘carrot’ of a greater trade deals?”
Time will tell, but it’s unlikely that US tech companies operating in China, and their global customers, will be any better off after this latest test.
As the dust settles on Donald Trump’s extraordinary ascent to the White House, what do we know of his plans for cybersecurity? I’ve been speaking to a variety of experts for an upcoming Infosecurity Magazine feature and, believe it or not, the majority are not particularly optimistic of the future.
His official website, outlining the Trump ‘vision’ for cybersecurity, focuses on some easy wins:
- An immediate review of critical infrastructure and federal cyber “defences and vulnerabilities” by a Cyber Review Team comprised of members of the military, law enforcement and private sector
- The same team to establish “protocols and mandatory awareness training” for all federal employees
- DoJ to create Joint Task Forces to co-ordinate federal, state and local law enforcement cybersecurity responses
- Defence secretary to make recommendations on enhancing US Cyber Command
- Development of offensive cyber capabilities
Doug Henkin, litigation partner at Baker Botts, said the focus on awareness raising is a positive.
“This appears to be a good development for setting a positive tone to lead from above with respect to best practices for protecting against cybersecurity threats and is also essential for corporations seeking to ensure good cybersecurity preparedness,” he argued.
“It is essential to increase training as the new administration has recognised, while also remaining vigilant to how cyber attacks occur.”
That’s pretty much where the good news ends.
It might be too early to judge president-elect Trump on his cybersecurity credentials. But it must be remembered that, despite his bluster over ‘Crooked Hillary’ and her email blunder, his businesses were found to be a whole lot worse when it comes to security. Independent researcher Kevin Beaumont scanned publicly available records last month and found many of Trump organizations’ messaging servers are running the no-longer supported Windows Server 2003 and Internet Information Server (IIS) 6. He also found 2FA unsupported, meaning user accounts are vulnerable to password phishing or brute force attacks.
What’s more, as a briefing document from think tank the Information Technology and Innovation Foundation (ITIF) tells us, Trump has promised in the past to apply tariffs against China if it “fails to stop illegal activities” and to “adopt a zero tolerance policy on intellectual property theft.”
Given what we know about China, this is a dangerous game to play. Beijing will continue to pretend it is abiding by the agreement between presidents Obama and Xi to stop state-sponsored economic cybercrime. And that could lead to heavy reciprocal penalties on US tech firms in China, such as Apple. The state-backed Global Times has already warned China will adopt a tit-for-tat approach if Trump plays it tough.
Silicon Valley scares
Trump’s election is also a disaster for Silicon Valley. The former reality TV star has expressed support in the past for the FBI’s stance in trying to force Apple into building a backdoor to unlock the San Bernardino shooter’s phone. He even called for a ban on Apple products in response to the firm’s refusal to do so. We can therefore expect more pressure on them to undermine encryption, which would be a disaster for businesses and consumers everywhere, as well as the American tech firms themselves.
As if that weren’t enough, he’s also a big fan of the Patriot Act and will inherit a fearsome surveillance apparatus from Obama. The Democrat is already being blamed for failing to overhaul the huge encroachment on civil liberties enacted by the Bush administration. Writing in the Guardian, Freedom of the Press Foundation executive director, Trevor Timm, had this:
“What horrors are in store for us during the reign of President Trump is anyone’s guess, but he will have all the tools at his disposal to wreak havoc on our rights here at home and countless lives of those abroad. We should have seen this coming, and we should have put in place the safeguards to limit the damage.”
Let’s hope he surprises us all.
China’s head honcho when it comes to censorship recently stepped down. This being China, no-one seems to know whether he was effectively sacked, or asked to move to a new bigger and better role. But what we do know is that things aren’t going to get any better for those inside the Great Firewall.
Over the past three years, Lu Wei has been a constant thorn in the side of rights groups, diplomats and Silicon Valley bosses. His aggressive defence of China’s sovereign right to do with its internet what it sees fit – most notably at the laughably titled World Internet Conference in Wuzhen – has been jarring at times. The Cyberspace Administration of China (CAC) he headed up also runs root CA and .cn operator the Chinese Internet Network Information Center (CNNIC). As such, it was blamed by Google last year for issuing unauthorized TLS certificates for several of its domains, which were subsequently used in man-in-the-middle (MITM) attacks.
Even more damning, the CAC was accused of launching Man in the Middle attacks on Outlook users last year in response to its migration to HTTPS, which the authorities can’t monitor. And then it was pegged for a DDoS attack on anti-censorship organisation Greatfire.org – a constant thorn in the side of the authorities in Beijing.
I spoke to Greatfire.org co-founder Charlie Smith about the reasons for and implications of Lu’s departure.
“If it ain’t broke, don’t fix it, right? We probably just had the quietest anniversary of Tiananmen [Square massacre] yet, in terms of online dissent and discussion. There is more censorship in general. Less circumvention because of a crackdown on VPNs. And fewer foreign companies are trying to challenge the status quo,” he told me via email.
“We know controlling the medium is pretty near the top of [president] Xi Jinping’s agenda. So why make a change now? The timing likely indicates that this was a planned and not a rash decision. There was no need to unsettle things before the 4 June anniversary and the change happens well before the next ‘World’ Internet Conference in Wuzhen.”
Smith went on to argue that, even though Lu presided over an unprecedented crack down on internet freedom – primarily through a new regulation banning the spread of “rumours” online – he didn’t go far enough.
“Lu was not perfect. As we have shown, it is impossible to completely block all information for those inside China,” Smith continued. “Maybe in this regard, Lu was being blamed and Xi decided he wanted somebody who can get the job done. Maybe Xi was upset about being ‘vilified as a murder suspect’ and could not comprehend why Lu Wei was unable to scrub information from the Chinese internet.”
Lu’s removal, if that is what it was, may also have been an attempt by Xi at curbing his growing influence – after all, propaganda is at the heart of the Party’s power and everyone inside knows it. His replacement, Xu Lin, is a Xi Jinping acolyte and one time deputy secretary of Tibet’s Shigatse Prefecture who will certainly toe the presidential line.
As Smith put it, “if Xu Lin fails to quell ‘rumours and slander’ Xi does not have to second-guess whether or not Xu is doing everything within his power to stop these attacks.”
So what prospects for the future? Pretty grim if you’re inside China and are a fan of human rights and internet freedom.
Beijing was one of a few countries – Russia, India, Indonesia included – that voted against a non-binding resolution at the UN this week stating all individuals must be afforded the same rights online as offline and that the universal right to freedom of expression should be upheld online.
As Smith said, if Xu Lin “handles information control on the Chinese internet the same way the authorities handle information control in Tibet then the situation could even get worse.”
There is some hope for businesses and individuals which need to leap the Great Firewall.
The hope is that it will encourage greater use of VPNs and help developers improve their circumvention products, as well as provide a much needed additional source of revenue for Greatfire.
The concern is that if it gets popular enough, Beijing will do all it can to put it out of action.
News emerged a few days ago that Foxconn had effectively laid off 60,000 workers in China and replaced them with robots. “So what?” you might think. And to be honest, if it keeps the cost of our tech devices down, then good for Foxconn, right? Well, unfortunately it’s not that simple.
The changing dynamics of the Chinese labour market could have a profound effect on us here in the West, and even portend similar disruption to our own workforce in the not-too-distant future.
These stories have been doing the rounds for years because – well – contract manufacturers like Foxconn and others have been investing significant sums into robotics for years. Why? The answer’s pretty simple, according to IHS analyst, Alex West.
“Robots don’t need to stop working, but they don’t get drowsy, distracted or depressed either, so quality and consistency of manufacturing is enhanced. With the developments in AI and predictive analytics, robots are also far less likely to get ‘sick’, reducing downtime,” he told me.
To that I’d add that they don’t go on strike, commit suicide or complain to the papers about poor working conditions – all problems Foxconn for one has encountered. But robots can also add value in other ways, such as helping firms win business from their rivals, according to West.
“Robots are evolving, becoming more intelligent as AI solutions help them to ‘learn’ on the job, but also becoming far easier to program and integrate on production lines,” he continued. “Collaborative robots are also making robotic solutions safer and easier to install without the additional safety concerns and equipment.”
There’s clearly a drive for this in China, the tech manufacturing centre of the world. The Chinese government has made investment in robotics a priority in its 13th Five-Year Plan, with IHS forecasting a 30% CAGR. But this threatens to create social instability as human workers are shelved in favour of machines. Foxconn and others claim bots are only used for repetitive tasks that humans don’t want anyway. But there’s no guarantee that there are enough skilled roles to fill the gap.
“Dull, repetitive jobs on the plant floor will be replaced by a range of higher-skilled positions such as robot/systems integrators, programmers, and data scientists supporting enhanced AI,” argued West.
“However, there will be less of these more advanced roles, and some of the type that existing workers will not have the skillsets to be able to transition to.”
This might seem a long way from the UK. But our workforce is also facing a robot invasion – not from these industrial bots, but service robots like Softbanks’ Pizza Hut-serving Pepper. In fact, a Deloitte study has claimed that 35% of UK jobs have a high chance of being automated in the next decade or two.
Robots still only account for 0.3% of all machinery produced in China last year, according to West, so there’s still a long way to go. But it’s probably time to start getting nervous in the UK.
Huawei has leaped over local rival Xiaomi to take number one spot in China’s much prized smartphone market, according to Canalys. I covered the news for IDG Connect and asked Canalys VP analysis, Rachel Lashford, whether she thought the Middle Kingdom now belonged to domestic players.
She argued that the market has actually decelerated slightly of late (1% from 1H14 to 1H15) which has increased the pressure on all vendors – but Apple and Samsung are still flying the flag for the Rest of the World.
“Apple still has a very powerful brand in China and we expect to see the latest product launches to continue its popularity,” Lashford told me.
Samsung, meanwhile, has dropped from the top spot of a 15% share in 1H14 to fourth place (9%) a year later.
“But it is recovering in the high end and has really focused on investing in localised marketing messages,” Lashford added, by email. “Combined with recent restructuring of its channels, focusing on large retail and operators, it should be well equipped to keep the pressure up on its local competition.”
So what of Huawei and Xiaomi? The former’s rise has come on the back off a steady building out of online channels over the past two years and a focus on its offline channel presence. Aiming squarely at the mid-range ($200-500), it has increased investment in the brand to good effect, concentrated on quality and kept momentum with regular product updates.
Xiaomi, on the other hand, may have taken its eye off the ball by concentrating on wearables, TVs and other smart home kit. It will need a “refreshed flagship” in time for Chinese New Year to wrest back momentum, she claimed.
And what of the two vendors’ plans for international expansion? Well, half of Huawei’s sales already come from outside the massive China market. But Xiaomi will need more help to get it competing beyond the Great Firewall.
“Many vendors are hindered by the lack of patents and having the difficulties and expense of licensing those in order to enter markets like the US and Western Europe where these are adhered to, so this needs to be overcome,” claimed Lashford.
“As does the adoption of a successful channel strategy. Xioami’s focus has been directly online, but it will still likely need the expertise of distributors mobility businesses – like Tech Data and Ingram Micro – in order to navigate the complexities of bringing those products to market.”
China, Russia, Eastern Europe, the Middle East – the list of hacking hotspots on the radar of most threat intelligence operatives is growing all the time. But what about Japan? For such an apparently technologically advanced nation, you might be surprised to learn its cybercrime underground is still in its infancy.
The security giant claimed that Japanese cybercriminals haven’t yet built up the technical know-how to create malware themselves, preferring to buy from other countries and then share tips on how to use it on many of the local underground bulletin board forums.
These forums also sell the usual suspects of child porn, stolen card data, stolen phone numbers, weapons, and so on.
There were several interesting distinctions Trend Micro uncovered between the Japanese cybercrime underground and elsewhere:
- Cybercriminals accept gift cards from Amazon and the like in lieu of payment
- CAPTCHA in Japanese is used to access the forums, keeping their membership mainly to locals
- URLs for some secret BBSs hosted on Tor and other anonymising platforms can actually be found published in books and magazines
- Japanese cybercriminals are ultra cautious, even using code words when discussing certain contraband, like the kanji character for “cold” when referring to methamphetamine.
So far, the notorious yakuza organised crime gangs have largely stayed out of the game, and that’s the way it’ll stay for some time to come, report author Akira Urano told me. That’s because of a combination of strict cybersecurity laws and the fact that offline scams still work a treat. But it might not be that way forever.
“If ever organized crime groups like the yakuza ever venture into darknets, all they would need is the aid of tech-savvy individuals to engage in criminal transactions,” Urano argues in the report.
I was curious to hear a second opinion on Japanese cybercrime, so I asked FireEye’s local experts.
They hit me with a few stats from the National Police Agency (NPA) which show that, infancy or not, there’s a pretty healthy cybercrime industry in Japan.
Some 88 people were arrested for cybercrimes in the first half of the year, 58% of whom were Japanese. The country is also a major victim of banking fraud – second only to the US, according to other stats.
The country’s public and private sectors also have to withstand a barrage of likely state-backed cyber attacks, launched from outside the country.
Japan’s strengths in advanced technology and engineering, as well as its hand in territorial disputes, have made it a target for China.
Aerospace and defence, transportation, high-tech, construction and telecoms are some of the highest risk industries.
FireEye told me the following by email.
“FireEye observes similar tactics and techniques on Japanese networks as we see elsewhere in the world. However, the key difference is localization: APT actors tailor their phishing e-mails, CnC infrastructure, and even their exploits to Japanese end users. For instance, we have observed threat activity against Japanese targets exploit the Japanese Ichitaro word processing system; zero days against the program are not uncommon.”