In the past few years, along with Russia and North Korea, several cyberbullying reports have highlighted China’s name for sponsoring cyber attacks, targeting several countries around the world. But now it looks like the Chinese Communist Party (CCP)-ruled country has tasted its own medicine as reports claim it faced a massive cyberattack that leaked the data of more than 1 billion Chinese people .
As the report went viral, earlier this month, experts said that if the news is true, it would make this particular incident one of the biggest data breaches in the history of the world.
It was found that an anonymous hacker gained access to Shanghai Police’s database and, for more than a year, the dashboard was accessible online without a password to maintain the database, making it easy to browse and retrieve its contents. Done.
Later, cyber security experts said the data was kept on Alibaba’s cloud servers, apparently by Shanghai Police. It was also claimed that researchers investigating the leaked data identified hallmarks of Alibaba’s cloud service, including the hosting service’s domain name.
according to a report from wall street journalCyber security experts claimed that for more than a year, a dashboard to maintain the database was accessible online without a password, making it easy to browse and retrieve its contents.
So now, Shanghai officials have summoned Aliyun, the cloud division of the Chinese tech giant.
censoring online discussions
Those who know how China works are well aware of the fact that Beijing effectively silences voices that either criticize the CCP government or openly discuss any authoritarian failure. does. For example, the late Chinese doctor Li Wenliang, now known as the whistleblower of the COVID-19 pandemic, became the target of authorities after he attempted to inform citizens about the virus.
Now once again, reports have surfaced that after the news of the data leak became public, Chinese officials reportedly started leaving discussions online. This happened after a self-proclaimed hacker, “Chinadan”, offered to sell a large trove of data for 10 bitcoins, equivalent to 23TB, or about $200,000.
But then, it was reported that discussions concerning the veracity of the claimed breach were suppressed shortly after the post and hashtag surfaced. Popular hashtags such as “data leak” and “record leak of 1 billion citizens” can no longer be accessed on Chinese social media site Weibo.
Meanwhile, WeChat, a popular Chinese messaging service, is said to have removed posts describing the possible consequences of the hack for Chinese individuals whose personal information was exposed.
Similarly, only a few results were shown of a data breach allegedly by Chinese search engine Baidu.
Such censorship is probably due to Beijing’s ultimate motive to portray the country as the supreme power and an idea that could be termed as “what happens in China, stays in China”.
Related cabinet
Even two weeks after the alleged hacker attempted to sell vast amounts of stolen personal information, including names, phone numbers, addresses and criminal records, officials in Shanghai and China’s Cyberspace Administration have made no public comments on the high-profile issue. Haven’t commented.
But the data leak also comes at a time when Chinese President Xi Jinping is probably just months away from winning an unprecedented third term. So this incident not only shocked the officials but also forced the cabinet to focus on the cyber security of the country.
According to local media reports, Premier Li Keqiang during the State Council meeting stressed the importance of improving security management provisions, enhancing security capabilities, and protecting personal information, privacy, as well as economic privacy in accordance with the law.
Although there was no mention of a large-scale data breach, the timing of this meeting and the topic discussed by the cabinet indicates that the authorities are concerned about cyber security.
However, it should be noted that on January 4 of this year China’s Cyberspace Administration, in collaboration with 12 other government agencies, issued new measures for cyber security review.
The new measures update the “Measures for Cyber Security Review” (draft amendments to the comments) announced on July 10, 2021 and took effect on February 15, 2022.
It has also been pointed out at times that there are concerns about national security as many platform businesses retain a lot of personal data of their customers, especially if foreign agencies or organizations can access this data.
For example, Chinese regulators took action against ride-hailing giant Didi soon after it was listed in the US. Four days after its initial public offering on the New York Stock Exchange, Didi’s app was blocked over suspicion of collecting unauthorized user data.
tech companies
When it comes to China’s tech industry, it has been one of the main targets of the campaign against monopolistic behavior that began in late 2020, when e-commerce giant Alibaba’s fintech affiliate Ant Group launched its anticipated high-profile . IPO Stopped by regulators in Hong Kong and Shanghai.
This action affected the market capitalization of Alibaba.
Now Aliyun shares fell as much as 5.8% in Hong Kong on July 15, after Shanghai authorities summoned Aliyun.
The investigation has once again raised concerns among investors, as they worry that the incident could impact future cloud service regulations in China, which could hurt some of the country’s biggest companies.
There is also talk about the use of “state backed cloud systems” and as per reports, this change is already underway. For example, local governments in places like Nantong and large corporations such as China Construction Bank were already using state-backed cloud infrastructure.
In the case of Aliyun, the Ministry of Industry and Information technology It was criticized last year for failing to notify the government on time about a software flaw. The incident affected the overall reputation of the company.
After that, the Chinese ministry put a six-month moratorium on its cooperation with Aliyun on the cybersecurity information-sharing platform.
During this, Alibaba Temporarily disabled access following the disclosure of the data theft and launched an internal investigation into the incident, including examining the database architecture and configuration for their agreements with customers, specifically with government and financial institutions.
All this chaos in China comes at a time when the Enforcement Directorate (ED), Income Tax (IT) Department and Directorate of Revenue Intelligence (DRI) are investigating Chinese tech companies in India. The latest to come on the radar is Oppo.
Additionally, due to national security concerns, the government of India More than 267 China-based apps have also been banned in the country, including TikTok, Shareit, UC Browser, Likee, WeChat, Weibo, PUBG Mobile, PUBG Mobile Lite and Alipay.
While these investigations involving Chinese tech companies may seem unrelated, it is not.
The standoff between the Indian Army and Chinese troops along the Line of Actual Control (LAC) in eastern Ladakh and the skirmish between the two armies in the Galwan Valley is believed to be at the core of the issue.
Since the standoff between the two countries, the Indian government has expanded its surveillance of Chinese enterprises and Indian subsidiaries of those companies, leading to numerous inquiries and investigations.
In addition, it was also reported earlier this year that large amounts of personal information were being collected by Chinese enterprises under investigation in India for tax evasion and questionable financing, and that the alleged true beneficiaries were senior CCP members.
The fact that Beijing can access a large portion of this data because Chinese businesses are required by local law to comply with data disclosure rules raises national security concerns in India about such access.
Apart from companies like Oppo, Vivo and Xiaomi, Indian security agencies are also looking at over a dozen Chinese loan apps due to security concerns.
However, it is still not known what kind of new measures will be introduced by the Chinese government after the major hack, but if the new rules appear to be more relevant, given the data security of Indians, Chinese companies may see a more difficult time. can. While working in India.
read all breaking news, today’s fresh newswatch top videos And live TV Here.