You would think brilliantly designed and supposedly
foolproof technology would be impenetrable; that’s not always the case. If you’re talking about telecommunications
systems from overseas, you would be wrong.
What a lot of people don’t understand about technology is that it is far
from standardized. Consider that
hardware and software provided by foreign suppliers ARE vulnerable to
attack. This is especially true in the
cases of companies that have strong government ties.
What Could Go Wrong?
In theory, you could be opening your
telecommunications systems to a major threat from overseas. If you are doing business with a company from
another country, you are not governed by the rules and standards of the United
States or Canada. You are buying hardware or
software that is outside of your country’s jurisdiction. You have no control over what the software or
hardware might be doing to your system.
This could even leave your system vulnerable to security threats,hacking attacks or all sorts of spyware.
Professor David Skillicorn at the school of computing at Queen's
University in Kingston, Ontario states that "If you buy…software that's
essentially produced by the government of another country, then you have no
control over what that [system] might be doing.” Skillicorn added, "It's the reason we
don't buy fighter planes from the Russians. If you're running on hardware that
somebody else built, and you don't trust the somebody else, then it's never
going to do.”
Indeed,
trust is a major concern in these matters.
And since globalization is a relatively new phenomenon, this principle
of trust must be emphasized to North Americans who naively download everything
on the net, regardless of its origins.
Thomas Dean, a professor in the department of electrical and computer
engineering at Queen's stated that “[Companies] can hide things in
software. Hardware components…can record
things. They can transmit things.”
Yes, some so
called telecommunications systems that you find overseas could literally be
built just to be a “backdoor”, just a thinly veiled attack on your system. Canada recently had an altercation worth
reporting. The government allowed
China's Huawei Technologies to do business with major Canadian companies,
including Bell, Telus and WIND Mobile.
This raises the threat of rogue telecommunications systems, and it’s all
the more scary when you consider that the United States and Australia have already
blocked Huawei Technologies from doing virtual business in their
territories. Accusations have been made
regarding Huawei performing espionage for China, though predictably, the
company denies such allegations.
These supposed rogue telecommunications
systems are largely conspiracy theory at this point, since even suspicious
computer experts cannot produce any evidence that any tampering has
occurred. Huawei stated publicly that
“All stakeholders, including governments, have a clear understanding of the
tools we use…We've worked openly and transparently in consultation with our
customers and governments…”
Naturally, if the company were corrupt and
performing clandestine operations they could not openly admit it. This is hardly a “new” issue, as
intelligence agencies have always been cautious when dealing with
foreign-controlled technology. After
all, such a company would have easy access to North American secrets, or could
ever install a virus or malware program to disrupt business.
It’s not only a matter of countries doing
war, but even international competitors who are itching to get ahead in
business. Skillicorn further commented,
“It means that if you buy a switch from a company it [could] take a copy of
everything that passes through it and send it off to another [country].”
Why It’s a Risk
Why can’t North American competitors simply
inspect the telecommunications systems and ensure there is no tampering? Because you’re talking about very miniscule
additions, the likes of which are not easily found. Companies and computer experts would
literally have to tear the units to pieces and examine them…hardly worth the
investment!
Skillicorn expressed confidence that
intelligence briefing between Canada and other countries on friendly terms
would not consider using any overseas company for secure communication. However, there is a certain laxness at the so
called “next level down.” For instance,
consider the fact that governments are already using encrypted communication
over shared channels. Shared channels,in essence, means public infrastructure.
That means you are open for a threat, just as with “shared
hosting.” Now it’s just a matter of
determining, more like hoping, that your encryption is strong enough to protect
your information.
Remember that even if data cannot be extracted
from supposedly secure telecommunications systems that it is fairly easy for an
expert programming team to disrupt a system using what is called a kill
switch. That could have huge
ramifications for the military, not to mention commercial companies. So how secure is your country, your company,
your business?
If you're concerned with your present telecommunication security levels, please feel free to contact one of BroadConnect Telecom's experienced staff.
No comments:
Post a Comment