4471525345?profile=RESIZE_400xA new NATO report exposes Chinese government leaders plan to push through standardization of a new Internet architecture which will broaden the threat landscape, destabilize security and privacy, and fragment the world wide web. First proposed at the United Nations International Telecommunication Union (ITU) conference in September 2019, the plans call for a replacement to the current TCP/IP model, dubbed “New IP.”  China is being led by Huawei, its state-run communications company, and the communist Chinese government itself.  This is one more example of China pushing their own agenda on the 193 nation members of the UN.[1]  Red Sky Alliance has reported extensively on China in the past.  

The Chinese Internet plan claims that TCP/IP is broken, incapable of supporting IoT advances, space-terrestrial communications, and lack other innovations in development, such as holographic communications.  China also points to security vulnerabilities in the current model and claimed its new model provides “ubiquitous, universal and a better protocolled system” that will provide improved security and a higher trust level for the Internet.

This important NATO report, supported by Oxford Information Labs (Oxil), expresses skepticism of the Chinese plans.  China is effectively “creating a perception of necessity” for its new Internet model when in truth, TCP/IP is far from broken.  In fact, it has adapted consistently well to every IT challenge it has encountered.  The New IP model for a Decentralized Internet Infrastructure (DII) will undermine security and embed “fine-grained controls in the foundations of the network,” ultimately putting more control into the hands of the ISPs.  The result of these new protocols would place this Internet infrastructure in the hands of the Chinese government.

The new IP also includes plans for an object identifier resolution system to replace the current Domain Name System (DNS), presumably to improve performance, stability, privacy and security.  But Oxil researchers state that, “The use of alternate technologies for identification on the Internet and the DNS would lead to less predictability in cyberspace and new questions around norms and governance.”  And from an international view, this is not good.  It also criticizes the New IP plans for distributed ledger technology (DLT), which China claims is necessary to counter overt centralization of Internet architecture, in the hands of IANA, CAs and other bodies.  This has more to do with control, than cooperation.

In the Chinese model, governments are likely to have control over the DLT, thus enabling mass surveillance, Oxil argues.  “It is not uncommon for language of ‘trust’ to replace ‘security’ in Chinese DII-related discussions.  This is concerning because it indicates that the principle of ‘security by design’ at least in the Western context is not being adopted in DII’s development.  In the long-term this could negatively impact cybersecurity globally,” the NATO report claimed.[2]

Chinese plans are being pushed through at an ITU level, with Oxil and other UN delegates expressing alarm at the speed of such radical changes are being proposed, and the negative impact of global standardization.  China’s Internet will “increase the threat landscape by introducing new security uncertainties across the stack” and provide authoritarian governments everywhere with a new model for controlling its populations and cultures. 

The fragmentation of the global Internet into national, government-run “intrAnets,” will also undermine the predictability of cyberspace and NATO’s ability to protect and defend its networks.  The report warns, “a proliferation of alternate Internet technologies will increase the Internet’s threat landscape, decrease predictability, and potentially destabilize existing and future norms for responsible state behavior in the online environment.”  With China on the hot-seat because of the COVID-19 pandemic, others will be taking a hard look at China’s proposed “new” Internet.  By the way: Russia is considering a similar internal country centric “Internet.”

Red Sky Alliance is   a   Cyber   Threat   Analysis   and   Intelligence Service organization.  For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com Interested in a RedXray demonstration or subscription to see what we can do for you?  Sign up here: https://www.wapacklabs.com/redxray    

 

Reporting:   https://www.redskyalliance.org/

Website:      https://www.wapacklabs.com/

LinkedIn:     https://www.linkedin.com/company/wapacklabs/

Twitter:        https://twitter.com/wapacklabs?lang=en

 

[1] https://www.infosecurity-magazine.com/news/nato-warns-new-authoritarian/

[2] https://www.ft.com/content/c78be2cf-a1a1-40b1-8ab7-904d7095e0f2

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!