Chinese government plans to push through standardization of a new internet architecture could broaden the threat landscape, destabilize security and privacy, and fragment the world wide web, a new NATO report seen by Infosecurity will warn.
First proposed at the UN’s International Telecommunication Union (ITU) last September, the plans call for a replacement to the current TCP/IP model, dubbed “New IP.” They’re being led by Huawei, China’s state-run telcos and the government itself.
Published by the FT, the plans claimed that TCP/IP is broken, incapable of supporting IoT advances, space-terrestrial communications and other innovations coming down the line, such as holographic comms.
It also points to security vulnerabilities in the current model and claimed its “ubiquitous, universal and better protocolled system” would provide improved security and trust for the internet.
However, an upcoming report from Oxford Information Labs (Oxil) for NATO is extremely apprehensive of the plans. China is effectively “creating a perception of necessity” for its new model when in fact TCP/IP is far from completely broken — in fact, it has adapted consistently well to everything thrown at it over the years, it says.
Even worse, the New IP model for a decentralized internet infrastructure (DII) will undermine security and embed “fine-grained controls in the foundations of the network” — ultimately putting more control into the hands of the ISPs.
“New IP would centralize control over the network into the hands of telecoms operators, all of which are either state run or state-controlled in China,” the report authors told Infosecurity. “So, internet infrastructure would become an arm of the Chinese state.”
New IP also includes plans for an object identifier resolution system to replace the current Domain Name System (DNS), ostensibly to improve performance, stability, privacy and security. But Oxil claimed: “The use of alternate technologies for identification on the internet and the DNS would lead to less predictability in cyberspace and new questions around norms and governance.”
It also criticized the New IP plans for distributed ledger technology (DLT), which China claimed is necessary to counter overt centralization of internet architecture, in the hands of IANA, CAs and other bodies.
In the Chinese model, governments are likely to have control over the DLT, thus enabling mass surveillance, Oxil argued.
“It is not uncommon for language of ‘trust’ to replace ‘security’ in Chinese DII-related discussions. This is concerning because it indicates that the principle of ‘security by design’ – at least in the Western context – is not being adopted in DII’s development. In the long-term this could negatively impact cybersecurity globally,” the report claimed.
The plans are being pushed through at pace at an ITU level, with Oxil and other UN delegates alarmed at the speed such radical changes are being proposed, and the impact of global standardization of New IP.
It will “increase the threat landscape by introducing new security uncertainties across the stack” and provide authoritarian governments everywhere with a new model for controlling the populace, Oxil warned.
The fragmentation of the global internet into national, government-run “intranets,” will also undermine the predictability of cyberspace and NATO’s ability to protect and defend its networks, it continued.
“A proliferation of alternate internet technologies will increase the internet’s threat landscape, decrease predictability, and potentially destabilize existing and future norms for responsible state behavior in the online environment,” the report concluded.