China Bars Foreign Antivirus as Cybersuspicion Deepens

Reuters’ Jim Finkle notes China’s exclusion of American Symantec and Russian Kaspersky anti-virus software from procurement for government use:

The report is the latest sign that Beijing is intent on promoting use of domestic information technology products after leaks from former National Security Agency contractor Edward Snowden raised concerns about foreign surveillance programs. Tensions between Washington and Beijing have also risen this year after the United States indicted Chinese soldiers on cyber espionage charges.

Symantec last month said it was in talks with authorities following reports that China had banned use of one of its products, data loss prevention software. At the time a Symantec spokeswoman said that there was no indication of a ban on the company’s flagship anti-virus software programs. [Source]

Information security researcher the grugq tweeted that the ban is “a smart move,” highlighting a speculative blogpost he had written in January:

[… W]hat is the best possible cover for a digital espionage tool? – Anti virus.

You want a program that:

  • runs continuously
  • gets constant updates from a command and control server
  • scans every file on the system
  • sends frequent data to the command and control server
  • updates itself dynamically as required based on C&C commands
  • is completely integrated into the operating system to run at the highest privilege level
  • kills or prevents running security analysis tools (eg debuggers) to protect itself [Source]

Meanwhile, China warned Microsoft on Monday not to interfere with an antitrust investigation announced last week. From Dan Levin at The New York Times:

The harsh warning, using terminology rarely seen in commercial cases and normally reserved for China’s most challenging political nemeses, like Japan and the Dalai Lama, signals how seriously Beijing is taking the inquiry at a time of rising tensions between China and the United States over spying and economic issues. The State Administration for Industry and Commerce issued a statement on its website “officially warning” Microsoft to obey Chinese law and “not to interfere with or hinder the investigation in any way.”

China has long maintained that the country must wean itself off foreign technology suppliers in order to strengthen its domestic industry and better protect its secrets from foreign governments. […] [Source]

China’s anti-monopoly law has been deployed against several foreign firms in recent months. State news agency Xinhua assured last week that the Microsoft probe is simply routine, pointing out that the company has faced similar investigations in other markets, but others see it as the latest expression of China’s longstanding suspicion of foreign technology firms. A series of on-the-street interviews by China Real Time shows similar concerns: respondents were optimistic that a “digital cold war” between China and the U.S. can be avoided, but several agreed that using American technology could leave China vulnerable.

Such wariness runs both ways. Chinese phonemaker Xiaomi, which just passed Samsung to become the biggest smartphone vendor in the Chinese market, responded on Monday to accusations that it sends users’ data to a server in Beijing. From Eva Dou at The Wall Street Journal:

The company’s global vice president Hugo Barra told The Wall Street Journal that users’ personal information is not stored on the server in Beijing that sparked cyberspying rumors last month, and that Xiaomi only stores personal information on different servers with users’ permission.

The rumors had begun when a user posted online in mid-July that his RedMi Note smartphone was “secretly” connecting to a server in Beijing, although he had turned off the data backup functions. The server was connecting to his phone’s media storage application, so he believed his photos and other data were being sent to Beijing. With consumers already wary in general about data privacy, the allegations took off across the Internet. [Source]