Much like retailers might hire “secret shoppers” to measure the quality of sales staff in network, technology companies sometimes invite hackers to uncover flaws in their products. In 2013, Microsoft offered a “bug bounty” for the first time, and ended up paying out $100,000 to an engineer who hacked through its software.
But often hackers aren’t solicited and are not inclined to share their discoveries with the developers, choosing instead to keep the information so that they can exploit it later. This was the situation that led to a hacking technique developed by America’s National Security Agency (NSA) being withheld and eventually stolen by more malicious coders, who this month launched the global WannaCry ransomware attack.
For years China has been concerned about the NSA’s hacking capabilities, especially since Edward Snowden revealed the agency had secretly installed backdoor access codes on American tech, allowing it to access confidential data (see WiC198). To combat this cyber espionage, China has imposed more stringent controls on foreign tech firms operating in the country, such as requiring that they store all their data in China, and demanding the government be given access to source code so that it can check it for vulnerabilities (see WiC297).
Many foreign tech companies have resisted the pressure, but Microsoft has opted for cooperation instead. Last year it opened a Microsoft Transparency Centre in Beijing (its third globally) so that the government can test the security of its products. Unfortunately this cooperation didn’t prevent China from being hit by the WannaCry hack.
According to a report from Qihoo 360’s Threat Intelligence Centre, the virus had infected 28,388 networks in China by May 13, including over 4,300 education facilities. However the China Education and Research Network (Cernet, a wing of the Ministry of Education responsible for the computer network at universities) refuted these claims as “malicious hype”, stating that only 66 universities were affected.
Other organisations were more forthcoming about the extent of the fallout. PetroChina said that the attack had a severe impact on its network, because the oil giant was forced to cut the data connection to its filling stations to prevent the ransomware’s spread, the South China Morning Post reports. It then took 35 hours to restore payment operations at 80% of its pumps.
WannaCry exploits a flaw in Windows for which Microsoft had already released a patch. But one reason why China was so heavily hit by the virus is that a high number of computers run bootlegged versions of Microsoft’s operating system, and so do not receive vital security updates. The Software Alliance reported last year that up to 70% of computer users in China were running unlicensed software. Tang Wei, senior engineer with Chinese cybersecurity company Rising, also told the SCMP that many infected state-owned and public networks were running custom-made operating systems using Windows XP as a foundation (which Microsoft no longer supports).
Microsoft stopped releasing updates for Windows XP in 2014 to focus on newer editions. But Beijing subsequently banned government computers from running later versions of Windows (see WiC337), in support of a domestic OS, called NeoKylin (see WiC297). This led some government users to resort to patching their outdated version of Windows XP with unofficial updates, adding a security risk.
Despite its problems in the country, Microsoft hasn’t given up on the Chinese market and this week it announced the release of a version of Windows 10 designed specially for China’s government departments. This edition allows Beijing to utilise its own data encryption methods and relies on a joint-venture co-run by a government entity to review and update the OS, meaning data needn’t leave China. “We are aware this could be perceived as a sensitive issue but it’s quite appropriate for a sovereign country, within its own computer system and its own employees to have its own encryption systems,” Terry Myerson, Microsoft’s Windows and Devices chief, said.
© ChinTell Ltd. All rights reserved.