Could China blocking VPNs lead to spying on business?

The "Great Firewall of China," designed to prevent its citizens from accessing some overseas content, has apparently undergone an upgrade.

And some observers say this may not only be an effort to stop citizens from reading or viewing Western information, but also to spy on international corporations doing business in the country who encrypt their internal communications.

The Guardian reported recently that the Chinese government is blocking internet services that have been able to "burrow secretly through what is known as the 'Great Firewall' ..."

"A number of companies providing virtual private network (VPN) services to users in China say the new system is able to 'learn, discover and block' the encrypted communications methods used by a number of different VPN systems," the report said.

"China Unicom, one of the biggest telecoms providers in the country, is now killing connections where a VPN is detected, according to one company with a number of users in China," the report said.

If the encryption works, even if the data is monitored, it cannot be read. It also means that a user's connection effectively starts outside the Great Firewall, providing access to all the sites the government blocks, including those of news organizations, search engines and social networking.

The crackdown is apparently no surprise to some users, who suspected more than 18 months ago, in May 2011, that the government was trying to disrupt VPNs. But The Guardian report said VPN providers are now noticing it as well.

Astrill, a VPN provider for users inside and outside China, has emailed its users to warn them that the Great Firewall system is "blocking at least four of the common protocols used by VPNs, which means that they don't function."

Author and security expert Bruce Schneier, chief security technology officer at BT, linked to the story on his website Schneier on Security. And according to a number of the comments on his post, the goal of the Chinese government may be more than simply censoring what its citizens can see.

[See also: U.S. commission fingers China as biggest cyberthreat]

One comment, by "Pybe," said the Chinese government is apparently blocking more than VPN services. "Recently, our corporate VPN that we're using to communicate with our Chinese partner has been blocked off regularly. We tried changing the port, but it kept on getting blocked off," he wrote.

Others said they believe there are relatively easy ways for VPNs to work around the block. Schneier said while this is probably true, it was only a matter of time before the block to be reinstated. "Remember, this is an arms race," he said. "If the VPN vendors push out a patch, the Chinese will see it and write code to block the patch. And so on and so on."

"Tor has been fighting this arms race with the Chinese for years -- it's very difficult."

Clive Robinson suggested in comments that there may be a more serious issue. "It may be a move designed to perform espionage by trying to force company secrets out into the open," he wrote. "Forcing companies off of VPNs ... will in effect open up corporate firewalls, thus also aiding in APT type activities."

Schneier said he doesn't know the intent of the government, noting, "That's more a political science question than a computer security question."

But if multiple international companies decide they can't risk losing their private, internal information, that could ultimately harm the Chinese economy. Astrill, the VPN provider, told its users it hopes the crackdown will be lifted.

"We believe [the] China censorship minister is a smart man ... and this blockage will be removed and things will go back to normal," it said in its email to users.

Read more about data privacy in CSOonline's Data Privacy section.

Join the CSO newsletter!

Error: Please check your email address.

Tags China UnicomGreat Firewall of ChinaapplicationsNetworkingvpnsoftwaredata protectionData Protection | Data Privacy

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts