Researchers accuse China Telecom of hijacking Internet traffic for the government, Radisson Hotel’s reward card program hacked and vulnerabilities found in a Bluetooth Wi-Fi chip
Government-owned China Telecom has been hijacking Internet traffic from Canada and the U.S. for some time, according to a research paper published in Military Cyber Affairs. It’s the journal of the Military Cyber Professionals Association. The two authors are the chair of cyber security at the U.S. Naval War College, and a professor at Tel Aviv University and a member its Interdisciplinary Cyber Research Center. They say China Telecom is abusing its points of presence around the world – including in Vancouver, Toronto, Seattle and New York – to divert and copy Internet traffic. In one six month period in 2016 traffic between Canada and South Korean government sites was diverted to China, the paper alleges. This pattern continued for six months, which the paper says is good evidence it was not a short term misconfiguration or temporary Internet disruption. The authors say there’s other evidence of diverted traffic between the U.S and an Italian bank, and six weeks of data from Sweden and Norway to the Japanese network of a large American news organization. While China Telecom has points of presence in Canada and the U.S., China doesn’t allow carriers from these countries to have points of points of presence there. The authors say Western governments should demand reciprocity. That, they believe, would curb some of this data hijacking.
The Radisson Hotel Group, which includes the Radisson, Park Plaza, Park Inn and Country Inn hotels, says its rewards card database was recently hacked. The company says a “small percentage” of data was accessed, including member name, address, email address, and in some cases, company name, phone number, Radisson Rewards member number and any frequent flier numbers on file. No credit card or password information was accessed. Affected reward card members were notified by email early last week. Radisson Reward card members should monitor their account for any suspicious activity. Note that hackers claiming to be from Radisson Rewards may send email with malicious links to fake websites and try to gather personal information. Radisson says it does not ask for your password or user information to be provided in an e-mail.
Some business models of Wi-Fi access points made by Cisco Systems, Meraki and Aruba could be vulnerable to being hacked because of a flaw in Bluetooth Low Energy chips made by Texas Instruments. That’s the word from a security vendor called Armis, which has issued a report on the problem. These chips allow the creation of short-range networks for the tracking of things like hospital equipment, sales devices in stores and smart locks in hotels and offices. Texas Instruments as well as the equipment makers have issued patches that business network administrators should be looking out for.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Alexa Flash Briefing.