China to launch security reviews on tech products

[Mao1949]

China will give a cyber security review to keep national security and protect public interest, the State Internet Information Office said on Thursday.

The review will target IT products, services and suppliers of information systems related to national security and public interest, according to a statment from the office.

The policy aims to prevent a supplier from taking advantage of its product to illegally control, disturb or shut down computer systems of its users, as well as gather, store, process or use information of its users, the statement said.

Companies that fail the vetting, no matter overseas or national, will be stopped from supplying their products and services in China, the office said.

Making sure technology used for the Internet and computer systems are “safe and under control” is vital to China’s national security, economy, social developments and people’s legitimate rights and interests, Jiang Jun, the office’s spokesman, said on Thursday.

“For a long time, a few countries’ governments and enterprises have made use of their monopoly in the market and technological fields to collect sensitive data and information on a large scale, which not only damaged users’ interest, but also brought great threats to cyber space,” Jiang said.

In recent years, China’s government departments, social institutions, enterprises, universities and backbone networks of its telecom firms have suffered extensive invasion and wiretapping, he said.

A high-profile incident of document leakage in last June, which was developed by former Central Intelligence Agency contractor Edward Snowden, also rang the alarm for cyber security of many countries, he said, adding the case reminded people how crucial to the online security is to a country’s security.

“The case also tells us that without cyber security, there’s no national security,” he said.

Now, China has had the world’s most Internet users and the country has also realized to tighten cyber security measures, according to Jiang, adding the vetting will be effective on this occasion.

China is not the first country to adopt such security vetting, the statement said, adding the United State House Permanent Select Committee on Intelligence conducted security investigation on Chinese IT firms in 2012.

The US administration also asks federal agencies to choose cloudy computing services from service providers that have passed its security review.

 

[Mao1949]

 

[dlclong]

I think it should have done so!
It is not late.

 

[Mao1949]

China makes legitimate move with cyber policy

China’s new cyber space vetting policy targeted at IT products and services, which was announced on Thursday, is a belated move rightly taken by China, one of the world’s largest victims of cyber-theft.

Major IT products and services will be subject to government cyber security vetting if they concern national security and public interest, according to the State Internet Information Office.

The vetting is aimed to prevent a supplier from taking advantage of its products and services to illegally control, disturb or shut down the computer systems of its clients, as well as gather, store, process or use its clients’ information, according to an office statement.

China has become one of the largest victims of global cyber-theft. In 2011, it suffered from cyber attacks from 47,000 foreign IP addresses, most of them from the US and its allies, according to National Computer Network Emergency Response Technical Team Coordination Center (CNCERT). The situation has failed to improve since then, making it highly necessary for China to take countermeasures to protect its Internet security.

A large number of those attacks on China have targeted the country’s big companies, such as Huawei, and government departments and agencies, meaning China’s national security and business interest are at stake.

It is, therefore, legitimate for China to learn from leading Internet powers to devise its own Internet equipment and service vetting standards to protect national interest.

In 2012, the US House Permanent Select Committee on Intelligence conducted security investigations on Chinese IT firms. And it also asked federal agencies to choose cloud computing services from service providers that passed its security vetting.

In the UK, companies have to be vetted to meet new cyber security standards if they want to do business with the government, according to a new government policy from 2013. The policy prepares UK businesses against the growing threat of online attacks.

For China, Internet attacks could be a fatal threat given its weak technological abilities and lack of high-caliber professionals in related fields. It depends heavily on imports of key computer components, such as CPUs, operating systems, databases and high-end server products, making it highly vulnerable to online threats. Its IT markets, meanwhile, have been dominated by Western giants, such as Microsoft, Cisco, IBM, and Intel.

Now the number of Internet users in China has risen to 618 million, the largest number in the world. But China’s poor technological capacities have prevented the country from effectively protecting its users.

The Snowden incident served as a catalyst for China to accelerate its cyber security build-up. It has become more alert following the revelations of Edward Snowden, a former US National Security Agency (NSA) contractor that the US had been spying on various Chinese institutions and companies.

The new IT product and service vetting policy could be the start of China’s renewed efforts to build its own “technological Great Wall” to protect its national interest. It set up a central Internet security and information-leading group led by President Xi Jinping in February.

More steps could follow suit as President Xi vowed to turn the nation into an “Internet power.”

 

[Mao1949]

Foreign tech firms to face tougher times

Foreign technology companies will have a hard time in China - at least in the short run - afterthe world's largest computer and Internet market is set to impose a review policy on importednetwork and technology equipment and services.

The country will launch a cybersecurity testing program on major information technologyproducts and services used in national security and other public interest segments, agovernment statement said on Thursday.

Analysts said the announcement comes as China confronts the United States on Internetsafety issues.

Most of the leading foreign players in China's technologymarket are based in the US, including Cisco, Microsoft,IBM, Intel and Oracle.

Gene Cao, senior analyst at Forrester Research, said: "With tightening supervision measures on overseas ITproducts in government procurement, businesses in theaffected sectors will be less willing to buy from foreigncompanies."

Microsoft, Cisco and Juniper Networks declined tocomment on Thursday.

"I don't think the vetting program will have any big impacton IBM's business in the country," said an anonymoussource at the US company. "We have been providing ITproducts in mission-critical sectors such as finance. Anindustry-level IT system testing mechanism has been inplace for many years."

Less than a week ago, China barred newly purchasedgovernment computers from installing Windows 8. Microsoft described the decision as"unexpected".

It is clear the government wants to see a higher adoption rate of local IT products. But yearsof official support failed to produce IT products strong enough to challenge global giants.

In February, Red Flag Software, once the largest Linux-based software vendor in China,closed because of poor financial performance.

The company, backed by the Chinese Academy of Sciences, was the biggest challenger ofWindows systems in China, but it gained only a little brand awareness, even in State-controlled government projects.

Technological advantages may help overseas companies to survive in China despitetightening regulations, analysts suggested.

"Foreign vendors should localize more products and services in the country," said Cao fromForrester.

"They need to operate in China like local companies do."

 

[senheiser]

good news it means more jobs for chinese and less for americans, russia needs to create jobs too

 

[Mao1949]

good news it means more jobs for chinese and less for americans, russia needs to create jobs too

Russia must do the same thing.