Born to spy: China built backdoors into African Union’s headquarters for spying

The African Union’s HQ building was bugged by the Chinese government for five years
By Nick Statt

The African Union, a coalition of 55 countries established in Addis Ababa, Ethiopia, has been a victim of state-sponsored espionage after an investigation from French newspaper Le Monde revealed China was using the computers in a new building’s IT division to spy on its continental neighbors.
China was able to do this because it financed and built the new building itself to act as the African Union’s new headquarters and gifted it under false pretenses of cordial partnership, Le Monde reports. 

The spying has been happening since 2012 when the building opened in downtown Addis Ababa. 

The backdoor into the African Union’s computer systems was first discovered in January 2017, when engineers in the IT division noticed an unusual spike of activity late into the evening when the building was no longer staffed.
China’s ambassador to the AU, Kuang Weilin, called the claims “absurd” in response, and denied China used the infrastructure for spying. 

“I think it will undermine and send a very negative message to people. Certainly, it will create problems for China-Africa relations.”

“[The building] has been fully equipped by the Chinese. The computer systems were delivered turnkey. And Chinese engineers have deliberately left two flaws: backdoors, which give discrete access to all internal exchanges and productions of the organization,” writes Le Monde. 

“According to several sources within the institution, all sensitive content could be spied on by China. A spectacular leak of data, which would have spread from January 2012 to January 2017. Contacted, the Chinese mission to the AU did not follow our requests.”
The AU moved quickly to remedy the situation by purchasing its own computer servers and encrypting its data and communications. 

Without official confirmation from the Chinese government, it’s unclear what the purpose of a cyber-espionage operation was beyond an apparent desire to keep an eye on the Pan-African region and monitor its governmental policymaking.
Regardless, without more information, the news is sure to further complicate the relationship between Chinese companies, which are intertwined with the country’s government, and the rest of the world, specifically the United States in which some Chinese companies perform a majority of overseas business. 

Chinese phone maker Huawei lost a deal with AT&T earlier this month to sell its new smartphone, the Mate 10, in the US over concerns of government spying. 

Huawei CEO Richard Yu addressed the situation at the Consumer Electronics Show in Las Vegas on January 9th, going off-script to say, “We are serving over 70 million people worldwide. We’ve proven our quality.”

No Surprise: Backdoors and Spyware on Smartphones is the Norm in China

All the three biggest Chinese smartphone manufacturers, Xiaomi, Huawei and Lenovo had preinstalled spyware in their smartphones
By Oiwan Lam

Kryptowire, a security firm, recently identified several models of Android mobile devices that have preinstalled permanent software, known as firmware, that serve as backdoor that collects sensitive personal data, including text messages, geolocations, contact lists, call logs and transmits them to a third-party server in Shanghai, China.
Without users’ consent, the code can bypass Android's permission model. 

This could allow anyone interested in a mobile user's data — from government officials to malicious hackers — to execute remote commands with system privileges and even reprogram the devices.
The firmware was developed by Chinese company Shanghai ADUPS Technology Company. 

ADUPS confirmed the report with a statement explaining that the software was a “solution” to a Chinese phone manufacturer’s demand to “flag junk texts and calls” in response to user demand. 

It said the collected messages would be analyzed to “identify junk texts” and “improve mobile phone experience.”
Kryptowire's research reveals that the collected information was protected with multiple layers of encryption and then transmitted over secure web protocols to a server located in Shanghai. 

The data transmission occurred every 72 hours for text messages and call log information, and every 24 hours for other personally identifiable information.
ADUPS explained that the “accustomed” firmware was "accidentally" built into 120,000 mobile products of one American phone manufacturer, BLU Products. 

After BLU raised the issue, ADUPS explained that the software was not designed for American phones and deactivated the program on Blu phones.
The news has been widely reported in foreign media as ADUPS is among the largest FOTA (firmware over the air) providers in the world. 

The company provides a cloud platform for mobile device management to over 700 million active users in 200 countries, which is equivalent to 70% of the global market share as it works closely with the world largest cheap mobile phone manufacturers ZTE and Huawei, both of which are based in China. 

In 2015 alone, Huawei sold more than 100 million smartphones.
Chinese netizens have not been surprised by the news. 

Reports about spyware preinstalled in Chinese mobile brands have circulated for many years among mainland and overseas Chinese speaking-communities. 

In 2014, Hong Kong Android Magazine reported that Xiaomi’s smartphones designed for overseas markets were automatically connecting to an IP in Beijing and that all documents, SMS and phone logs, and video files downloaded were being transmitted to a Beijing server.
In 2015, Germany-based security company G-Data also found out that at least 26 Android mobile brands had preinstalled spyware in their smartphones.
The three biggest Chinese smartphone manufacturers, Xiaomi, Huawei and Lenovo were all listed.

China's newly passed Cybersecurity Law has provided legal ground for the smartphone’s backdoor operation. 

The law requires “critical information infrastructure operators” to store users’ “personal information and other important business data” in China.
Other laws, such as the Child Protection Bill (still in draft), also requires hardware companies to pre-install surveillance software on communication devices and legalize specific approaches to treating internet addiction.
In addition to the surveillance of private data as required by law, Chinese Android phone users regularly download Android apps from unofficial third party app markets since Google left China in 2010. 

These Android markets are flooded with apps containing malware that can steal and manipulate personal data.
On November 16, the New York Times reported that American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence.
In response to the news, many Chinese netizens are pointing out the abusive use of personal data and government surveillance has become the norm.
信息泄露人们早就见惯了，即使是被Gov监视人们也不会在意。we are nobody.
We are so used to the leaking of personal data. We don’t care about government surveillance anymore. We are nobody.