Digital Censorship Tools Revealed: A Look into the Global Surveillance Market
Recent leaks from a lesser-known Chinese company, Geedge Networks, have unveiled significant insights into the marketing and exportation of digital censorship tools worldwide. This firm offers a commercialized version of China’s “Great Firewall,” which has been sold to countries such as Kazakhstan, Pakistan, Ethiopia, and Myanmar. The leaked documents detail the company’s extensive capabilities in monitoring, intercepting, and manipulating internet traffic, leading researchers to label it “digital authoritarianism as a service.”
While the Great Firewall of China is often perceived as a monolithic system, the development and operation processes mirror those of surveillance technologies prevalent in the West. Geedge engages in partnerships with academic institutions for research and development, customizes its strategy for various clients, and utilizes surplus infrastructure from its competitors. In Pakistan, for example, Geedge secured a contract to replace equipment previously provided by Canadian firm Sandvine, as indicated in the documents.
In a related incident, another significant leak from the Chinese company GoLaxy emerged recently. This firm leverages artificial intelligence to analyze social media activities and generate propaganda. A 399-page leak revealed internal business strategies and and objectives, purportedly from a disenchanted former employee. Disturbingly, the final pages of this material claim that GoLaxy mistreats its staff through underpayment and excessive work hours. This document had apparently been accessible on the internet for months prior to its discovery by researchers at Vanderbilt University.
GoLaxy operates distinctly from Geedge, focusing primarily on aggregating open source information from social media, analyzing connections among political figures, and steering narratives online through synthetic profiles. The leaked information suggests that GoLaxy positions itself as a leader in big data intelligence analysis in China, catering to the Chinese Communist Party, government agencies, and military entities. Their technological briefs heavily emphasize conflicts involving Taiwan, Hong Kong, and U.S. electoral processes, but their clientele appears to be strictly domestic.
Despite their different operational focuses, Geedge and GoLaxy share striking similarities in how they function. Both companies maintain close associations with the Chinese Academy of Sciences (CAS), a prominent government-backed research institution, and they actively promote their services to provincial government agencies that require monitoring capabilities and have allocated budgets for surveillance and propaganda.
Requests for comments from GoLaxy went unanswered. However, in an earlier statement to The New York Times, the company denied any allegations concerning the targeting of U.S. officials, terming the claims misinformation. Researchers at Vanderbilt noted that they observed the company altering its website following the initial reporting.
In the West, academic researchers who spot commercial opportunities often transition into entrepreneurship or establish side ventures, a trend that is similarly evident at GoLaxy with its key researchers remaining affiliated with CAS. There is no guarantee, however, that these researchers will receive government grants, much like public university faculty in the U.S. must also pursue clients independently.
Documentation from the leaks indicates that GoLaxy set ambitious sales goals, aiming to secure approximately 42 million RMB (around $5.9 million) in contracts with Chinese government agencies in 2020. Additionally, a spreadsheet from 2021 lists various current clients, including military branches and state security agencies, while also showcasing potential customer targets.
These revelations highlight the growing global landscape of digital surveillance and censorship technologies, raising concerns for business owners about the potential risks associated with such systems. Understanding the tactics used in these operations, as per the MITRE ATT&CK framework could be essential for mitigating potential threats. Techniques potentially employed may range from initial access strategies, where adversaries breach systems, to methods for privilege escalation and persistent access, ensuring long-term control over the targeted environments. As digital threats evolve, staying informed about the mechanisms and motivations behind these surveillance systems becomes crucial for bolstering cybersecurity efforts.