Chinese Government Backdoor Spies on African Union Revealed

Author: John Honovich, Published on Jan 29, 2018

For 5 years, a Chinese government backdoor was used to spy on the African Union, according to a Le Monde investigative report. As is their tactic, China angrily dismissed the report as absurd.

China had 'donated' the building and computer system 6 years ago. As Le Monde explained:

In January 2017, the small computer unit of the AU discovered that its servers were strangely saturated between midnight and 2 am. The offices were empty, the activity was dormant, but data transfers were at a peak. A zealous computer scientist then looked into this anomaly and realized that the internal data of the AU were massively diverted. Every night, the secrets of this institution, according to several internal sources, found themselves stored more than 8,000 km from Addis Ababa, mysterious servers hosted somewhere in Shanghai, the Chinese megacity.

The report added that such transfers went on for 5 years, starting in 2012.

The Chinese furnished servers have since been removed and replaced.

China has been spending heavily to win over less developed countries as part of its 'Belt and Road' program.

Chinese Backdoor Concerns

Backdoor concerns in physical security are clearly rising, given backdoors in products from all 3 of the largest Chinese video surveillance manufacturers have been found in the past year (e.g., Hikvision, Dahua, Uniview).

Apologists often argue that China either (1) has no interest or (2) would not risk such backdoor misuse or (3) that it would be easy to immediately find out. The African Union backdoor spying undercuts all of that.

Use In Government Facilities

Given the African Union backdoor revelation, it increases the urgency of the question of whether products made by Chinese government-controlled companies, like Hikvision, should be used in any government facilities.

Vote / Poll

Comments (25)

Only IPVM PRO Members may comment. Login or Join.

Silly African Union, your Chinese friends are simply providing you with free cloud backup services!

I don't know why but this song pops into my head.

It wasn't me

TVT coming up to join soon

So I wonder what secrets China got?

Apologists often argue that China either (1) has no interest or (2) would not risk such backdoor misuse or (3) that it would be easy to immediately find out. The African Union backdoor spying undercuts all of that.

I would say that #3 is reinforced in this case at least. I mean all it took was someone to notice off-hours massive saturation of their servers and network, which obviously could have been avoided by a slightly smarter intercept program.

Also, note that the data center itself was paid for, designed and staffed by the Chinese government. So, I’m not sure what their surprise was.

Also, note that the data center itself was paid for, designed and staffed by the Chinese government. So, I’m not sure what their surprise was.

But it was so cheap!!!

the data center itself was paid for, designed and staffed by the Chinese government. So, I’m not sure what their surprise was.

The surprise was assuming China was their 'friends'. If you give your neighbor a PC, should they expect you to spy on their home network? Evidently, you are exposing your biases being realistic about Chinese spying?

As for being able to notice it, yes, I would agree. Though that is a little bit of a cat and mouse game. And given China's push for cloud AI, once they 'gift' that to you it's going to be hard to tell if they are uploading video for cloud AI processing or your internal information / secrets.

If you give your neighbor a PC, should they expect you to spy on their home network?

Yes, but this is a foreign government, not a neighbor you know personally. And governments are known to spy.

For instance, also from Le Monde:

British spying: tentacles reach across Africa’s heads of states and business leaders

I find it amusing to see the posts about the Chinese Equipment when the yanks finance the largest spying network in the world. When I was a young fellow, when buying tools I would always look for the Made in USA brand and an indication of a quality tool (Proto etc) not any more, American brands made in China. Same here in Au.

Excuse me, but we don't have a spying network. We have a monitoring network, and it's for our own good. And the FISA court is there to protect our privacy. Just read the memo.

Just read the memo.

I should or you did?

We were part of a major upgrade of 7 buildings at the AU HQ about 4 years ago that included the removal of all Chinese access control and video products. We partnered with Holland based TKH Security to provide a integrated platform for both access and VMS though a DC based integrator. They seemed very anxious to remove all the "donated" systems at least on the security side.

So have they known all this time that they were being spied on?

Maybe they thought it was the price they had to pay?

I think that they suspected this was the case but the conditions of the "donation" of the buildings were that they kept the installed systems in for a period of time. These systems also came with Chinese nationals as operators. We saw a similar situation in Libya about 7 years ago before it all fell apart. We were replacing the access control for the Cell provider there and found that they had recently upgraded to 3g service and a Chinese company had won the upgrade over Vodaphone and a division of Verizon. They provided the equipment and labor for two years.

Well, I guess this somewhat clears up the conversation today where I stated at this point we can only speculate their intent.

Maybe they actually thought nobody would notice. I mean, if they provided the equipment and most likely the installation free of charge, it's safe to assume they believed there wasn't anyone there smart enough to catch on to what they were doing, especially if they were told the systems would be backing up to the cloud at night.

In this case, the cloud meant the data aggregator China uses to steal technology from just about everyone. Why spend on R&D when you can just take other people's ideas? It isn't a coincidence that almost all of China's new weapon systems look like/are direct clones of US hardware.

I can say one thing, China's knockoff game is on point.

Exhibit A: https://news.usni.org/2015/10/27/chinas-military-built-with-cloned-weapons

I raised this issue a few years ago stating that Hikvision was the worlds largest trojan horse and no one believed me.

...and no one believed me.

Let the record show that at least three (3) did ;)

And apparently there were three Chinese nationals here at the time also.

How do these Chinese servers back up your Hikvision claim? I'm not sticking up for the Chinese, so don't get me wrong. I think that all nations, good or bad, spy anytime they can. Some influence elections. Some conduct cyberwars. Some just offer free cloud hosted backups with their free servers.

Well the last time I commented on the China "News" I got the wrath of Mr. H, and told myself I would stay on the sidelines in the future debates. But I couldn't resist. So no offense Mr. H, I'm gonna play the devil's advocate again.

First of all if the AU did lose valuable secrets, then I do sympathize with them.

But this report by LeMonde is either flawed or a laughable attempt to incriminate China. Or maybe Google just translated it wrong. Some confusing quotes:


All electronic communications are now encrypted and no longer pass through Ethio Telecom, the public operator in Ethiopia , a country renowned for its cybersurveillance and electronic espionage capabilities. From now on, the highest officials of the institution have foreign telephone lines and more secure applications.

So they don't trust Ethiopia's public companies so they get some unnamed foreign telephone lines?

--------------------------------------------------------------------------------------------

During the 29th AU Summit in July 2017, new security measures have been proven. Four specialists from Algeria, one of the institution's biggest financial contributors, and Ethiopian cybersecurity experts inspected the rooms and flushed out microphones placed under the desks and walls.

Now they use Ethiopian experts to inspect rooms? And Algeria doesn't really seem like a logical choice for security advice.

---------------------------------------------------------------------------------------------

The offices were empty, the activity was dormant, but data transfers were at a peak. A zealous computer scientist then looked into this anomaly and realized that the internal data of the AU were massively diverted.

Computer Scientist? LOL! A computer transferring data all by itself is anomaly? Really?

----------------------------------------------------------------------------------------

However, due to lack of resources and awareness among heads of state and most officials, pan-African digital territories remain at the mercy of foreign spies.

The only logical thing the LeMonde instigators said. The rest is BS.

----------------------------------------------------------------------------------------

But since this discussion is about conspiracy theories, I will take it a couple steps deeper and really throw some gas on the fire.

I'm guessing this Chinese computer system was windows based since they love it and have their own custom windows 10 version.

And what does windows like to do in the middle of the night when offices are empty? HINT:UPLOAD DATA

Maybe China is innocent or naive like the AU? So where are these AU secrets getting diverted to?
HINT:GATES,MONSANTO,AGRA

But why would LeMonde skip this chance to bash the US and Gates.
HINT:Bill & Melinda Gates Foundation, will visit Paris today

Well I think that is deep enough, I'll let somebody else take over from here and have some fun accusing, instigating and conspiring.

This is amateur hour at the African Union. Another case of crappy network security. Any IT person should have caught this immediately and the fact they didn't secure the outbound network traffic (and probably didn't have proper VLANs in place) is ridiculous. This was *EASILY* preventable.

Thanks for reeling this conversation back in - 100% true that this was preventable. The addition of a good firewall and some log monitoring might have been all that was required.

The lesson in this argument is that most people in our business are unprepared to protect the security network. I still don't see any sign that people in the security business are ready to design and install secure networks or are ready to understand the risks posed by questionable equipment.

And the Chinese government's role in this? No big deal?

What do you when they are offering cloud services (e.g., Hikvision Ezviz / HikConnect / Cloud AI) that require outbound network transmission?

Yes - it is a big deal if any security manufacturer is making an unsecure product. It is even more despicable if a security manufacturer is intentionally making products that are not secure. These manufacturers deserve the type of public flogging that IPVM is willing to provide and thank you for doing that!

However... there is a though that as security professionals we can and should fight this with better service. It IS possible to design a network that would be highly resistant to back doors and trojans.. Is anyone out there offering this type of network security as a service? Are they having success getting customers to pay for it?

Related Reports

First US State, Vermont, Bans Dahua and Hikvision on Feb 21, 2019
The first US state, Vermont, has issued a ban on a number of Chinese and Russian manufacturers including the world's 2 largest video surveillance...
Massive Leak Of Chinese VMS Provider Exposes Xinjiang Surveillance on Feb 20, 2019
A subsidiary of China’s claimed largest VMS provider is tracking the precise location and ethnicity of millions in China’s Xinjiang region,...
Hikvision 2018 Revenue Tops $7 Billion USD But Growth Slows To Low on Feb 15, 2019
Hikvision's annual revenue topped $7 billion for the first time in 2018, although growth slowed sharply. In this post, we analyze the latest...
Hikvision Chairman Praises United Front on Feb 14, 2019
Hikvision’s controlling shareholder held a meeting last month praising the United Front, a Communist Party organization known for its secretive...
US Senator Calls Hikvision and Dahua “Puppets of the Chinese Communist Party”, Urges Sanctions on Feb 07, 2019
Tom Cotton, Republican senator from Arkansas, has publicly called Hikvision and Dahua “puppets of the Chinese Communist Party and the People’s...
3 UK MPs Call For Investigating Hikvision Over Xinjiang on Feb 04, 2019
3 UK members of Parliament, including 2 with direct comments to IPVM, have called for the UK government to investigate Hikvision's Xinjiang...
Hanwha Techwin Favorability Results 2019 on Jan 31, 2019
Hanwha Techwin's favorability results surged, in IPVM's 2019 study, going from barely neutral in 2016 to strongly net positive, as the results...
Dahua China Significant Job Cuts on Jan 28, 2019
Dahua China has cut a significant number of jobs in the past few months, according to numerous sources. This is a significant shift from Dahua's...
Genetec Favorability Report 2019 on Jan 25, 2019
Genetec's favorability moderately strengthed, in new IPVM integrator statistics over their results from 2017, with 2019 results showing solid, but...
Huawei: Hikvision / Dahua "Strategy Is Just To Provide Cheap Cameras" on Jan 24, 2019
At the Intersec 2019 show in Dubai, IPVM spoke with the show's "exclusive artificial intelligence sponsor" Huawei who recently declared their...

Most Recent Industry Reports

Outdoor Camera Mounting Hardware Guide on Feb 21, 2019
Mounting cameras outdoors can be challenging, requiring understanding different types of equipment and methods. In this guide, we teach this...
HID Favorability Results 2019 on Feb 21, 2019
HID favorability results were strong, in the 2019 IPVM integrator study of 200+ integrators, with a net +62% and low negativity as the table below...
First US State, Vermont, Bans Dahua and Hikvision on Feb 21, 2019
The first US state, Vermont, has issued a ban on a number of Chinese and Russian manufacturers including the world's 2 largest video surveillance...
ADI 'SAVE BIG' On FLIR And Hikvision Examined on Feb 20, 2019
One is a major US defense supplier. The other is owned by the Chinese government. But you can "SAVE BIG" on both at ADI. In this note, we...
BluB0x Company Profile on Feb 20, 2019
BluB0x has doubled in revenue every year since its founding in 2013, according to CEO Patrick Barry. We originally reported on them in 2015. At the...
Security Installation Tools Guide - 22 Tools Listed on Feb 19, 2019
In this guide, we cover 22 tools that security installers frequently use. This is one part of our upcoming Video Surveillance...
Sales Cuts At Rasilient on Feb 19, 2019
Over the past 2 years, video surveillance storage specialist Rasilient has expanded its workforce significantly, aiming to build its own branded...
Exacq Raises VMS Software Pricing Twice in Less Than a Year on Feb 18, 2019
Most VMSes regularly release new features, but rarely increase their prices. For the 3rd time in 4 years, and 2nd time in 8 months, since being...
Axis IR Multi Imager Camera Tested (P3717-PLE) on Feb 18, 2019
Axis has released their first IR multi imager, the P3717-PLE, a repositionable model listing 360° IR illumination and flexible positioning,...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact