An American IT security company recently published shocking news about phones manufactured in China. Cheap and relatively reliable devices send sensitive user data to servers in China every three days. Data flow to China has also been noticed in Latvia recently.
CERT.LV has noticed connections to Chinese servers from eight state institutions networks. CERT.LV has identified multiple infected devices responsible for backdoor access leaks. Work is being done to determine what kind of information was leaked to the east, Nekā personīga programme of TV3 reports.
Since last week, Chinese phones are no longer popular in USA. IT security firm specialists have found that 50 dollar phones begin secretly transferring text messages, contact data and call records to servers in China after 72 hours of being active. Owners are not informed of this data leak and there is no way to turn it off.
BLU products are sold to twenty thousand clients. Their products are programmed by Chinese Shanghai Adups Technology, the same company that produced software for devices used by seven hundred million people. This includes e-cars and Huawei phones sold in Latvia.
The company explains that the spying function is intended for marketing purposes, so that mobile phone manufacturer can better study users’ habits. American authorities are currently looking into the matter, concerned that this incident may be hiding attempts by the Chinese government to spy on other countries.
After this incident in USA, Latvian IT security firm CERT began paying more attention to the situation in Latvia. Experts found that shady Chinese servers may have received information from phones owned by Latvian state officials.
«Having performed an inspection, we have noticed there have been several hundred connection cases from multiple Latvian state institutions to Chinese servers. It is too soon to say if those are the same phones, as their popularity in Latvia is not high at all. Perhaps this is because Latvian officials had procured devices elsewhere and then brought them to Latvia. Maybe this is related to installed applications we know nothing about,» – comments CERT.LV deputy manager Varis Teivans.
Experts have noticed that the devices that have been contacting servers in China are specifically phones. Several of them have been found and have been handed over to CERT. The organization does not reveal which institutions have experienced data leaks. There is also no information regarding the purpose behind gathering of user data. «This entire story involved a number of different companies engaged in marketing, quality improvements and software development. One of those companies maintains servers. We don’t know how this information will be used,» – said Teivans.
Phones are not the only device that can be used to spy on people. CERT as a state institution has noticed many surveillance cameras in which manufacturers included options for third party access. An unspecified state institution installed several hundred cameras. They were manufactured by Chinese company Milesight. It is a serious company with a presence on the American market.
CERT.LV regularly organizes CyberChess event for IT security experts. During this event, IT technology experts try to hack devices chosen by organizers. «We thought it would be interesting to do something with security cameras. It is a very acute topic. People often set them up in their homes and companies. So I decided to come up with ways to make experts interested in finding ways to hack them. I thought about adding an artificial loophole,» – said IT security expert Kirils Solovjovs.
As it turned, however, the manufacturer had already installed something of the sort. A number of security weaknesses had been found in the test camera. Skilled hackers could easily exploit them. Experts found at least five vulnerabilities – five different potential backdoor access points. At least two of them provided complete control over the device. Those vulnerabilities have been fixed since the last CyberChess event. However, it was hard to force the manufacturer to do it.
China manufactures the lion’s share of the world’s electronic devices and their components. It is one of the leaders in software development as well. This scandal with spy-phones is not the only one that suggests China’s attempts to gather user data by using devices. The Pentagon had reported earlier in October that Lenovo computers produced in China have built-in spying software.
Former secretary to the National Security Council and deputy chief of the Constitution Protection Bureau Gundars Zalkalns allows that the Chinese government may have ties to spying devices.
Experts are certain that Latvia is not a target for China’s spying efforts. It is more likely those devices had ended up in the country with no such intent. It is far more likely those devices are intended to be realized in other, much larger economies. Defence Ministry’s state secretary Janis Garisons is confident the IT security situation in the country’s government sector is not bad. The situation is, however, problematic for the private sector, where people often try to save money on anti-virus software or procure cheaper phones and tablets. This only puts them, their business partners and the country at risk.