Beijing investigates infosec in academic journal database • The Register


China’s internet regulator has launched an investigation into the security regime protecting the China National Knowledge Infrastructure (CNKI) academic journal database, citing national security concerns.

In its announcement of the investigation, the China Cyberspace Administration (CAC) said:

CNKI is a private publishing company that has a monopoly on academic journal searches in China. In recent years, it has been criticized for imposing exorbitant price increases.

Price increases have been large enough – allegedly 132% between 2010 and 2016 – that some organisations, including the state-linked Chinese Academy of Sciences, have ended their CNKI subscriptions.

China’s antitrust watchdog, the State Administration for Market Regulation (SAMR), launched an antitrust probe into the company last May.

According to state-sponsored media world times, CNKI has more than 1,600 institutional clients and includes 90% of journals published in Mainland China. Forty percent of the material on the site is exclusive to CNKI. He will fully comply with the investigation, according to the world times.

Beijing hasn’t explained why the security review is necessary, but it’s not hard to imagine CKMI hosting logs that discuss national security issues or data the Chinese government would like to control. Academic papers as a secondary channel of intelligence are an obvious risk worth considering.

China’s move to secure its critical information comes as the country is credibly accused of exploiting lax security to find information about other countries through fair and foul means.

In a recent case, China was accused of playing a role in turning US-funded research into Chinese patents by a US-based professor.

Other reports suggest that Chinese-backed attackers are stealing academic research — such as a 2019 effort targeting maritime technology from at least 27 academic institutions.

The spying doesn’t stop there. State-sponsored actors are also said to have target [PDF] medical data from the healthcare industry and many other verticals.

Reports of investigations into domestic CAC companies are rare, raising questions about Beijing’s motives for doing so. Calling attention to the CNKI could attract attention and invite attacks on the organization — which could be a good method for Beijing to teach the company a lesson about raising its prices. Or perhaps it allows Chinese cyber defenders to sit back and watch the tools and techniques used by attackers in hopes of learning how other nations conduct such operations. ®


About Author

Comments are closed.