China 2014: The Empire Strikes BackPosted: December 19, 2013 Filed under: Uncategorized | Tags: 2013 technology round-up, 2014 technology predictions, anti monopoly, APT1, china, cisco, coolpad, cyber espionage, deloitte fast 500, edward snowden, huawei, ibm, mandiant, meizu, oppo, qualcomm, US, xiaomi, zte Leave a comment
It’s the most wonderful time of the year. At least, if you’re an IT commentator or a vendor with “end of year round-up/next year predictions” stories to sell in to the media.
As a hack whose inbox has been deluged with this kind of dross for weeks now, I’m going to look ahead to 2014 with a more focused question, namely: “how will Western companies fare in China next year, and vice versa?”
Well, first up the signs aren’t looking good for US tech firms. Washington has turned up the anti-China rhetoric fiercely in 2013 and with high profile reports like Mandiant’s finally tying Beijing to cyber espionage, things were already looking tricky for US firms in China.
Then Edward Snowden happened – a gift from heaven for the Chinese government which can now portray itself as victim of spying, not a perp, with an even straighter face.
Expect the backlash to come from Beijing, partly because of this, but also because China has some world class companies of its own now, especially when it comes to networking equipment (Huawei and ZTE), PCs (Lenovo) and mobile devices (all of the above plus Xiaomi, Oppo, Meizu, Coolpad, etc etc), so it can afford to be more self-reliant.
IBM and HP have both announced they’re shedding jobs in the PRC, despite the strategic importance of the market.
IBM just announced a new cloud partnership which will see it team up with Azure partner 21 Vianet to provide managed private cloud capabilities to business customers there, however it admitted in October a 22 per cent sales slump in China. Ouch.
Cisco has seen a recent 6 per cent sales slump in China with John Chambers admitting on a November earnings call: “China continued to decline as we and our peers worked through the challenging political dynamic in that country.”
Then there’s Qualcomm, which counts China as a $1bn market, has worked with countless local OEMs to support their products and yet now finds itself at the centre of an anti-monopoly investigation which could see it fined in excess of $1bn.
The rule in Beijing seems to be; if you can’t beat ‘em (and China still has some way to go before its chip makers are world class), fine ‘em.
Expect more of the same next year.
So what of the great Chinese invasion? I spoke recently to Deloitte TMT partner William Chou about this.
In the hardware space historically only the likes of ZTE, Lenovo and Huawei had a chance to grow their offerings abroad, but with VC firms now splashing the cash, more innovative local firms will be able to invest in R&D and expand their footprint internationally, he argued.
Coolpad, Meizu and Xiaomi, to name but three, could be names to watch for 2014.
“There are a lot of these smartphone manufacturers but the ones which will be winners are not really the handset manufacturers but the ones which can combine hardware, software and internet services, like Xiaomi,” Chou told me.
Others he mentioned included a Shenzhen-based handset firm looking at JVs in France and South Africa and an unnamed private company “aggressively” looking to expand in the European market.
On the internet side there are fewer potential breakaway global brands which could make a real impact in 2014.
Tencent’s WeChat is definitely one of them, although Chou argued that Google-beater Baidu will struggle as it seeks to “re-engineer its business model from search to mobile internet”.
There are also a host of little-known software and online firms under-the-radar ready to pounce, including one of the China’s online travel giants which is looking to acquire in Germany, Chou revealed.
In fact, the recently announced Deloitte Fast 500 list of fastest growing APAC start-ups had more companies from the Middle Kingdom than any other represented, although none made the top ten.
Going into 2014 entrepreneurs who are able to “apply technology to other industries” will stand the best chance of success, Chou said.
“China has an ageing population and a one-child policy so healthcare is a serious problem, so how you apply e-health will be a trend,” he explained. “Another major challenge is pollution, so clean tech will be a major area for entrepreneurs to consider as well.”
Whatever happens, things are never quiet in this part of the world. Let’s see what you’ve got 2014.
China’s hacking problem: more sinned against than sinning?Posted: May 20, 2013 Filed under: Uncategorized | Tags: APT1, botnets, bulletproof hosting, china, communist party, cyber security, DDoS, HKCERT, infosecurity, mandiant, PLA, zombies Leave a comment
Last week I finished off an analysis of the China/cyber espionage stories that have been flying around in recent months, with a surprising conclusion – in many circumstances the country may well be as much a victim of attack as a perpetrator.
We are unlikely to ever find out the extent of state-sponsored cyber attacks on the US and its allies, although thanks to several high profile reports which name and shame Beijing it’s clear that the tip of the iceberg is well and truly showing.
However, we can be more clear about how secure or otherwise China’s IP address space is and make some general observations.
I spoke to several information security experts about this and they were all in agreement that China is a particularly attractive place to launch attacks from, simply because there are so many compromised PCs as well as enough bulletproof hosting firms there to use with impunity.
HKCERT senior consultant, SC Leung, explained to me how compromised computers, of bots, in China are helping cyber criminals from outside the country.
“The zombie computer, or bot, steals the data (using its IP address) and sends it back to the attacker. When tracing the compromise police can only find the bot computer IP address. The attacker can further command the bot to send the data to Dropbox or a third party forum, and then retrieved it directly or indirectly. This long chain of investigation of different servers (probably in different jurisdictions) hampers the investigation.”
It’s also worth mentioning that not all attacks are being carried out by external forces to compromise Chinese IP addresses which are then used as a staging point to attack other countries. China has a massive internal problem with home-grown cyber crims targeting their own – stealing data, IP, bank credentials and even blackmailing by DDoS or other means.
It’s interesting to note that a week or so after I published this story, the FT ran an interesting piece which reached the same conclusions, claiming that the government is failing to provide coherent oversight on information security matters and that the forensics industry is virtually non-existent in China.
Apart from changing these two problems, there needs to be greater user education and awareness to ensure fewer PCs are vulnerable to outside attack, and a crack down on bulletproof hosters.
At the moment, the Party seems to be happy to close down porn sites in high profile raids, willfully censor its citizens and hit out at any US accusations of cyber subterfuge, but not to get its own house in order.
Cleaning up its address space first would would surely improve China’s standing internationally and may even help foster more cross-border co-operation, rather than the relentless mud-slinging of late.