{"id":6005,"date":"2021-11-11T03:25:03","date_gmt":"2021-11-11T03:25:03","guid":{"rendered":"https:\/\/blackopspartners.com\/?p=6005"},"modified":"2021-11-11T03:25:03","modified_gmt":"2021-11-11T03:25:03","slug":"no-more-china-tech-57-million-credit-card-machines-likely-compromised","status":"publish","type":"post","link":"https:\/\/blackopspartners.com\/no-more-china-tech-57-million-credit-card-machines-likely-compromised\/","title":{"rendered":"No More China Tech: 57 Million Credit Card Machines Likely Compromised"},"content":{"rendered":"\n

Hundreds of millions of credit card users join Zoom and TikTok in likely data loss to China<\/strong><\/h3>\n\n\n\n

Americans and allies are too dependent on\u00a0China<\/a>\u00a0tech<\/a>, as demonstrated by recent revelations that our Chinese-manufactured credit card machines are sending\u00a0data<\/a>\u00a0back to China for no good reason.<\/p>\n\n\n\n

The U.S. Treasury Department says that millions of Chinese point-of-sale (POS) devices, the credit card machines found at check-out counters, could be sending customer data back to China for no good reason.<\/p>\n\n\n\n

Treasury Department lab tests show that the data is encrypted and sent to unknown third parties in China. The transmissions are \u201csuperfluous to normal payment transaction processing,\u201d according to a letter from the Treasury\u2019s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP), as quoted<\/a> in Bloomberg News. The China-bound data transmissions are larger and more frequent than the transmissions of normal payment transactions.<\/p>\n\n\n\n

\u201cTreasury\u2019s preliminary assessment is that data transmission by these devices indicates the possibility of risks to customer data confidentiality,\u201d a Treasury spokesperson emailed to Bloomberg.<\/p>\n\n\n\n

A subsidiary of the Chinese company, PAX Global, claimed that the security concerns were just \u201crumors.\u201d The company\u2019s headquarters are split between Hong Kong and Shenzhen, China. PAX has manufactured 57 million terminals that operate in 120 countries around the world, according to its own claims.<\/p>\n\n\n\n

On Oct. 26, the FBI raided<\/a> PAX offices in Jacksonville, Florida. And two days later, the company\u2019s senior vice president of security and services quit her job.<\/p>\n\n\n\n

A British security agency is also investigating the Chinese POS device manufacturer.<\/p>\n\n\n\n

Cybersecurity expert Brian Krebs reported<\/a> that the FBI raid was not only linked to the discovery of \u201cunusual network packets\u201d from the company\u2019s terminals, but to reports that the PAX systems could be linked to cyberattacks, hacks, and illicit data collection on U.S. and European Union organizations.<\/p>\n\n\n\n

Financial company FIS Worldpay, a Florida-based payment processing company, has for security reasons been forced to replace its PAX terminals with machines from American and French manufacturers. A FIS spokesman explained<\/a> that the reason FIS is replacing PAX terminals is because FIS \u201cdid not receive satisfactory answers from PAX regarding its POS devices connecting to websites not listed in their supplied documentation.\u201d<\/p>\n\n\n\n

The likely compromise of American and allied financial data by Chinese-manufactured POS credit card machines is the tip of the iceberg of vulnerability to China tech. Other China-linked companies, like Zoom, TikTok, and computer and cell phone manufacturers, have hundreds of millions of global users who are vulnerable to data loss to China.<\/p>\n\n\n\n

Zoom was downloaded\u00a0485 million<\/a>\u00a0times in 2020, and continues to have serious security issues. In 2020, the FBI\u00a0issued<\/a>\u00a0a security warning about Zoom, and the Department of Defense forbade its affiliates to use the video-conferencing application. Zoom\u2019s encryption keys were\u00a0available<\/a>\u00a0to the Chinese regime, and its international meeting traffic routed through Chinese servers.<\/p>\n\n\n\n

Yet in 2020, 90,000<\/a> schools in 20 countries made the wrong decision and utilized Zoom. Skype and Google provide better video calls, but the Zoom craze has gone dangerously viral.<\/p>\n\n\n\n

The high rate of usage among naive Zoom users, many of whom are children, is not due to lack of warning.<\/p>\n\n\n\n

\u201cZoom was found to be sending unauthorised data to Facebook,\u201d according to a recent article<\/a> in the Business of Apps. Its past hoarding of data and sub-standard encryption, identified by academic researchers, is well known. \u201cZoom saw itself banned by governments for official business (Canada and Taiwan), numerous organisations (SpaceX and Nasa) and school boards (New York and Taiwan),\u201d according to the article.<\/p>\n\n\n\n

As late as September 2021, Zoom software allowed<\/a> remote code execution, that is, hacking of user machines over the internet. Zoom supposedly found and fixed the vulnerability, which is why we know about it. But with a lagging track record on security over the years, which is often only fixed when Zoom is caught with its hand in the digital cookie jar, who knows what remains. Prudence should be the order of the day. Stop using Zoom.<\/p>\n\n\n\n

TikTok is even closer to China, and was downloaded 850 million<\/a> times in 2020, and over three billion times overall. Twenty-eight percent of TikTok users are under the age of 18, and 59 percent are female. North America had 105 million users in 2020.<\/p>\n\n\n\n

TikTok is owned by ByteDance, which is headquartered in Beijing.<\/p>\n\n\n\n

Due to national security concerns, India banned the app in June 2020. Two months later, President Donald Trump signed<\/a> an executive order requiring either the divestment of Bytedance from TikTok, or an American purchase of the app. However, the Biden administration unwisely revoked the order.<\/p>\n\n\n\n

In April, the Beijing regime doubled down by taking a 1 percent stake in a key Bytedance management company, and one of its three board seats, according to The Information<\/a>.<\/p>\n\n\n\n

In response<\/a>, Senator Marco Rubio (R-Fla.) rightly blasted the Biden administration, which he said \u201ccan no longer pretend that TikTok is not beholden to the Chinese Communist Party. Even before today, it was clear that TikTok represented a serious threat to personal privacy<\/a> and U.S. national security. Beijing\u2019s aggressiveness makes clear that the regime sees TikTok as an extension of the party-state, and the U.S. needs to treat it that way. President Biden must take immediate action to remove ByteDance and TikTok from the equation.\u201d<\/p>\n\n\n\n

Rubio rightly went beyond just a whack-a-mole approach. \u201cWe must also establish a framework of standards that must be met before a high-risk, foreign-based app is allowed to operate on American telecommunications networks and devices,\u201d he said.<\/p>\n\n\n\n

The problem is not only China-linked software, however, but also the American and allied\u00a0dependence<\/a>\u00a0on China\u2019s manufacture of computers, tablets, and phones. Ninety percent of computers, and 70 percent of cell phones, are manufactured in China. All of this hardware, therefore, includes a higher level of security risk.<\/p>\n\n\n\n

The world\u2019s electronic device manufacturing processes are largely controlled by the Chinese Communist Party, which has proven to be unscrupulous in its pursuit of power. We tend to ignore the attendant perils for reasons of convenience and budget, but we do so at our own grave risk.<\/p>\n\n\n\n

The U.S. Treasury Department has hinted that technology from China should be rejected because of the higher risk it entails.<\/p>\n\n\n\n

\u201cOCCIP encourages stakeholders in the U.S. financial system to adopt a risk-based approach to protecting the confidentiality of their customers\u2019 data, the integrity of their networks, and the availability of their services,\u201d the Treasury Department said in this month\u2019s letter about the PAX investigation. \u201cBanks and financial service providers should apply this risk-based approach to their supply chains.\u201d<\/p>\n\n\n\n

While such warnings are welcome, they are entirely insufficient. We need laws and executive orders that mandate and provide for a fully secure technological environment for America and our allies. Our information security depends upon U.S. and allied control and protection of all information technology, from seed investment, to ownership, hardware manufacture, and the writing and operation of software that gives life to our networks. Nothing else will do.<\/p>\n\n\n\n

It is unconscionable that U.S. and allied governments continue in their failure to protect our democratic communities from unscrupulous China-linked technology manufactures, including software like TikTok and hardware like computers, phones, and credit card machines, at the expense of American and allied privacy, workers, and the diversity of our industrial ecosystems, and those of our allies.<\/p>\n\n\n\n

Our democratic governments must get smart fast, or the loss to China will be irreversible, and ultimately entail the loss of democracy itself.<\/p>\n\n\n\n

Read more at The Epoch Times<\/a>.<\/strong><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Hundreds of millions of credit card users join Zoom and TikTok in likely data loss to China Americans and allies are too dependent on\u00a0China\u00a0tech, as demonstrated by recent revelations that our Chinese-manufactured credit card machines are sending\u00a0data\u00a0back to China for no good reason. The U.S. Treasury Department says that millions of Chinese point-of-sale (POS) devices, […]<\/p>\n","protected":false},"author":2,"featured_media":6007,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[10],"tags":[14,54],"acf":[],"_links":{"self":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/6005"}],"collection":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/comments?post=6005"}],"version-history":[{"count":4,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/6005\/revisions"}],"predecessor-version":[{"id":6012,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/6005\/revisions\/6012"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/media\/6007"}],"wp:attachment":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/media?parent=6005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/categories?post=6005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/tags?post=6005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}