Edward Snowden

Hong Kong's internet exchange offers snoopers rich pickings

Edward Snowden's allegations of US spying on Hong Kong's web traffic have been denied by officials, but the city has an online Achilles' heel

PUBLISHED : Thursday, 27 June, 2013, 12:00am
UPDATED : Thursday, 27 June, 2013, 6:54pm

There's no sign on the door of the Hong Kong Internet Exchange. The grey, bunker-like structure could easily pass for any other building on the bland-looking Sha Tin campus of Chinese University.

The exchange is fronted by a glass-panelled door covered on the inside with paper. Peeking through a crack in the door, there's little sign of life. On the ground floor, faded pink curtains hang, covering every small pane of glass.

Passers-by may not instantly realise it, but the exchange is the backbone of Hong Kong's internet infrastructure. Every e-mail, every bank transaction, every tweet or Facebook post passes through the innocuous-looking banks of machinery inside.

It's little wonder that the Chinese University would be a target for US hacking, as alleged by Edward Snowden.

Snowden said "network backbones" at the university and the mainland's Tsinghua University were among the targets of operations by the US National Security Agency.

All of the unencrypted data that passes through such gateways presents cyber-intruders with a mouth-watering opportunity. And while universities are common locations for internet exchanges, questions are now being raised as to whether they are appropriate sites for such tempting cyberspying targets.

Professor Chow Kam-pui, associate director of the Computer Forensics Research Group at the University of Hong Kong, said the government should treat the exchange like any other vital piece of infrastructure by "putting in additional [security] requirements for major backbones, with tighter control".

He said other governments were doing more than Hong Kong's to protect internet exchanges, ranking them alongside infrastructure such as gas pipelines and electricity grids.

Chow said Snowden had withheld certain details on the hacking attacks at Chinese University, meaning the implications were still open to interpretation.

"At the moment there is no evidence to indicate the servers have been hacked," Chow said. "It's not clear how the NSA did it. If the NSA hacked into machines and computers [Snowden] never told us whether it was the server, switches or router."

That kind of detail is important, said PricewaterhouseCoopers regional security and technology expert Kenneth Wong, as it potentially allows hackers to access a treasure trove of sensitive information.

Chow compared servers to shopping malls, in which everything was self-contained. He said switches and routers, however, were more like the open road, with a vast amount of traffic passing through.

"If the NSA is able to access [them], it is able to capture all the traffic," he said.

Founded by Chinese University in 1995, the exchange was set up as a one-stop shop for local and international web traffic as the internet boom times arrived, speeding up its performance locally by reducing reliance on servers in the United States.

Many exchanges are run by a mixture of private and public institutions on a not-for-profit basis, based on the idea that the internet is a public good and that it also generates income for business, even if only indirectly. In that context, Chinese University is seen as a neutral operator when it comes to dealing with the interests of private internet service providers.

Wong said: "Any disruption of traffic from hacking into its servers could greatly disrupt business activity."

If the Hong Kong Internet Exchange were hit by an attack, it could drastically affect the performance of the internet locally as other countries stepped in to act as temporary hosts.

Despite Snowden's allegations, Chinese University says it has found no evidence of hacking into the Hong Kong Internet Exchange.

When the South China Morning Post approached a member of the facility's staff to ask to see the exchange close-up, the staff member said no one was allowed in unless "you are a supplier to the exchange".

Every day at its peak, the exchange handles 280 gigabits of information per second, the equivalent of 17,000 five megapixel photographs, according to the university.

Some students on campus had no idea how close the exchange was to their lecture theatres.

"I didn't know about the exchange until the media told us and I feel surprised," said sports science student Kent Cheung, 20. "We just didn't know Hong Kong was connected here."

PhD student Wendy Fan, 26, said she didn't know that such important information was passing through an ordinary building on campus.

Journalism student Sam Tsung Yik-sam, 20, said he had not felt or seen any changes on campus since Snowden's revelations emerged.

The Hong Kong Internet Exchange was unavailable for comment.