WikiLeaks Dump Adds to China’s Foreign-Tech Wariness — Wall Street Journal
BEIJING—The latest WikiLeaks trove hands fresh ammunition to China’s cyberspace hawks, already pushing to reduce dependence on foreign products that could be vulnerable to espionage, observers say.
“The level of alarm in China will certainly increase, and with it a renewed determination to clamp down still further on U.S. technology companies’ operations in China,” said Peter Fuhrman, chairman of Shenzhen-based advisory firm China First Capital, which follows China’s tech sector.
The documents released this week—more than 8,000 pages in all—purport to show how the U.S. Central Intelligence Agency breaks into computers, smartphones, TVs and other electronics for surveillance. Many documents deal with leading non-Chinese brands like Apple Inc. and Samsung Electronics Co., though there is some coverage of Chinese products, including routers from Huawei Technologies Inc. and Baidu Inc.’s search engine.
The Chinese-product references are relatively sparse—and, in some cases, obscure. An undated list of CIA internal hacking demonstrations, for example, includes the “Panda Poke-Huawei credless exploit”—which one cybersecurity specialist says may be a method for taking advantage of vulnerabilities without logins or other “credentials.” There is also the “Huawei VOIP Collection,” a reference to “voice over internet Protocol,” making phone calls over the internet.
The document doesn’t say whether these methods were used for intelligence gathering. Huawei declined to comment.
A file titled “Small Routers Research-work in progress” lists router models from Huawei and ZTE Corp. It also mentions China’s three state-owned telecom companies and Baidu’s search engine, without further details.
The telecom companies and Baidu declined to comment.
The leak also offered what seem to be workaday notes among colleagues, including one CIA worker’s complaint about one piece of software’s default-language setting. “I don’t speak Chinese,” he griped.
WikiLeaks’ website is blocked in China, but Chinese state-run media reported the document leak, focusing on U.S. companies. Overall response has been muted, possibly because the official spotlight this week is on Beijing’s annual legislative gathering.
Cybersecurity experts say China maintains its own robust cyberhacking apparatus, though Beijing characterizes itself as purely a hacking victim, not a perpetrator.
“China is opposed to any form of cyberattack,” foreign ministry spokesman Geng Shuang said Thursday. “We urge the U.S. side to stop its wiretapping, surveillance, espionage and cyberattacks on China and other countries. China will firmly safeguard its own cybersecurity.”
In recent years, China has seized on leaks about U.S. surveillance to fan public support for its domestic tech products. U.S. tech brands felt a chill after former U.S. National Security Agency contractor Edward Snowden revealed NSA surveillance methods in 2013.
“It is like snow on more snow,” one China executive of a U.S. technology company said of the potential sales impact of the latest leaks.
These leaks could help countries counter CIA tapping and develop their own capabilities, said Nigel Inkster, former deputy chief of U.K. spy agency MI6.
“China, Russia et al will now both be better attuned to the risks posed by these capabilities,” he said, “and will no doubt seek to use them themselves.”