China data security 'non-existent' in eyes of US firms

While Chinese IT vendors such as Huawei and ZTE face barrriers expanding their presence in the U.S., vendors from the world's largest economy such as Cisco Systems have succeeded in establishing theirs across China.

A story titled "Review Cisco" on Chinese magazine China Economy and Information, said the country--which is frequently accused by Western media as a source of security threats--is the de facto victim of network security.

It cited data from China National Computer Network Emergency Center, which shows nearly 50,000 foreign IP addresses were Trojans or botnet control servers involved in the hijacking of nearly 8.9 million PCs in China last year.

Some 99.4 percent of these 50,000 servers originated from the United States. Nearly three-quarters of the IP addresses involved in phishing attacks against Chinese banks during the period, also were from the U.S., the report added.

The startling data showed the fragile state of network security in China today, leading to the country's information security being "non-existent" in the eyes of eight U.S. companies--Cisco Systems, IBM, Google, Qualcomm, Intel, Apple, Oracle, and Microsoft--which dominated with huge market share in key industries across China.

The story also quoted a security expert in China who said the country, as the world's second-largest economy, is now "standing naked" in front of the eight U.S. companies which have been armed to the teeth.

Citing anonymous data, the article said more than 90 percent of the world's IT security attacks originated from the United States. And since the network equipment are essential parts of cyberwarfare weapons, this suggests relevant government departments in China need to come up with more ways to deal with the data attacks from the United States.

Since the U.S. government started playing with the information warfare fire, Cisco's communication equipment--which are known for high quality--have reported numerous failures in the country, said the report, citing several examples including sudden Internet disconnections and telecommunications disruptions. It also questioned the security vulnerabilities in Cisco's operating system, including unsafe plaintext password system, low-level encryption algorithm, and protocol design. 

"Network disconnection, backdoor [attacks], and the plaintext password will make Chinese companies using Cisco's equipment for core areas of information security fragile like paper, when war breaks out in the future," said the report.

In the wake of such threats, large state-owned enterprise China Unicom has replaced the Cisco network equipment it was using. China Unicom was Cisco's second-largest client in China, according to the report.