Monday, October 15, 2012

Did You Know That Expertly Made Telecommunications Systems Can Still Be Compromised?

You would think brilliantly designed and supposedly foolproof technology would be impenetrable; that’s not always the case. If you’re talking about telecommunications systems from overseas, you would be wrong.  What a lot of people don’t understand about technology is that it is far from standardized.  Consider that hardware and software provided by foreign suppliers ARE vulnerable to attack.  This is especially true in the cases of companies that have strong government ties. 

What Could Go Wrong?

In theory, you could be opening your telecommunications systems to a major threat from overseas.  If you are doing business with a company from another country, you are not governed by the rules and standards of the United States or Canada.  You are buying hardware or software that is outside of your country’s jurisdiction.  You have no control over what the software or hardware might be doing to your system.  This could even leave your system vulnerable to security threats,hacking attacks or all sorts of spyware.   Professor David Skillicorn at the school of computing at Queen's University in Kingston, Ontario states that "If you buy…software that's essentially produced by the government of another country, then you have no control over what that [system] might be doing.”  Skillicorn added, "It's the reason we don't buy fighter planes from the Russians. If you're running on hardware that somebody else built, and you don't trust the somebody else, then it's never going to do.”

Indeed, trust is a major concern in these matters.  And since globalization is a relatively new phenomenon, this principle of trust must be emphasized to North Americans who naively download everything on the net, regardless of its origins.  Thomas Dean, a professor in the department of electrical and computer engineering at Queen's stated that “[Companies] can hide things in software.  Hardware components…can record things.  They can transmit things.”

Yes, some so called telecommunications systems that you find overseas could literally be built just to be a “backdoor”, just a thinly veiled attack on your system.  Canada recently had an altercation worth reporting.  The government allowed China's Huawei Technologies to do business with major Canadian companies, including Bell, Telus and WIND Mobile.  This raises the threat of rogue telecommunications systems, and it’s all the more scary when you consider that the United States and Australia have already blocked Huawei Technologies from doing virtual business in their territories.  Accusations have been made regarding Huawei performing espionage for China, though predictably, the company denies such allegations. 

These supposed rogue telecommunications systems are largely conspiracy theory at this point, since even suspicious computer experts cannot produce any evidence that any tampering has occurred.  Huawei stated publicly that “All stakeholders, including governments, have a clear understanding of the tools we use…We've worked openly and transparently in consultation with our customers and governments…”

Naturally, if the company were corrupt and performing clandestine operations they could not openly admit it.  This is hardly a “new” issue, as intelligence agencies have always been cautious when dealing with foreign-controlled technology.  After all, such a company would have easy access to North American secrets, or could ever install a virus or malware program to disrupt business.

It’s not only a matter of countries doing war, but even international competitors who are itching to get ahead in business.  Skillicorn further commented, “It means that if you buy a switch from a company it [could] take a copy of everything that passes through it and send it off to another [country].”

Why It’s a Risk

Why can’t North American competitors simply inspect the telecommunications systems and ensure there is no tampering?  Because you’re talking about very miniscule additions, the likes of which are not easily found.  Companies and computer experts would literally have to tear the units to pieces and examine them…hardly worth the investment! 

Skillicorn expressed confidence that intelligence briefing between Canada and other countries on friendly terms would not consider using any overseas company for secure communication.  However, there is a certain laxness at the so called “next level down.”  For instance, consider the fact that governments are already using encrypted communication over shared channels.  Shared channels,in essence, means public infrastructure.  That means you are open for a threat, just as with “shared hosting.”  Now it’s just a matter of determining, more like hoping, that your encryption is strong enough to protect your information. 

Remember that even if data cannot be extracted from supposedly secure telecommunications systems that it is fairly easy for an expert programming team to disrupt a system using what is called a kill switch.  That could have huge ramifications for the military, not to mention commercial companies.  So how secure is your country, your company, your business?

If you're concerned with your present telecommunication security levels, please feel free to contact one of BroadConnect Telecom's experienced staff.

No comments:

Post a Comment