China eyes safer Internet of Things with stronger cyber security laws and self-developed OS

Hundreds of thousands of Apple lovers across the world all suffered a narrow escape from having their iconic iPhones shipment delayed – a nightmare for Apple fans waiting to get their hands on the latest phone.

As all Apple manufacturers were working full-on for the dramatic debut of the latest iPhone this September, one of Apple’s chipmakers, TSMC in China’s Taiwan, was the target of a ransomware cyber attack just one month before Apple’s event. The attack put a halt to production at several factories and the company incurred a direct loss of about 3% of its Q3 revenue.

Though just a one-time incident, it could one day be a nightmare for many people, as more and more countries including China usher in the era of Internet of Things (IoT), which connects almost everything, from assembly lines to smartphones, together.

The bigger, the riskier

China issued its first IoT guideline in 2013 and three years later the concept became part of the 13th Five-Year Plan as the nation eyes active promotion of IoT development, which has indeed flourished over the past years.

By 2020, the IoT industry’s market value is expected to exceed over 2,000 billion yuan, revealed Mao Zuokui, an official with the Office of the Central Cyberspace Affairs Commission, at the High-level Forum on Information Security held on Sunday in Wuxi, east China’s Jiangsu province, a key hub of China’s IoT businesses.

In Wuxi city alone, the IoT industry in 2017 saw total revenue of 240 billion yuan and projects constructed in Wuxi connect over 700 cities, Yuan Fei, the city’s publicity head, introduced at the forum.

“The rising number of devices beyond smartphones and laptops means that the target pool is getting bigger for cyber attacks, which has implications for financial crimes and even terrorism. Information security vulnerability and risk assessments are crucial for China’s information security,” said Zhu Shengtao, director of China Information Technology Security Evaluation Center (CNITSEC).

From lawmaking to market-challenging

China is always quick to take action.

According to Ni Guangnan, an academician of the Chinese Academy of Engineering, China’s information security has great potential to become top-notch in the world, as the nation boasts a top-down focus on security with a large talent pool and a gigantic market that is both open and inclusive.

Cyber and information security companies have joined hands with industries that are new to IoT to guarantee safety: to stop a fast-moving car from being hijacked in the Internet of Vehicles, or to prevent smart home appliances from turning your life into a Truman Show, noted Zhang Cong, a vice president of 360 Enterprise Security Group.

Meanwhile, the nation is mulling to set up a risk report mechanism to boost the nation’s emergency response capability, revealed Xie Shaofeng, an official on informatization and software services with the Ministry of Industry and Information Technology (MIIT), at the forum.

He also stressed that annual information security checkups and risk prevention evaluations will be carried out to further beef up security systems.

Starting on the first of June last year, China’s Cybersecurity Law and a security review system on network products and services began to take effect, both of which set eyes on information technology at home and abroad to guarantee their provided services and products would not leave a backdoor open to hackers or deliberately break users’ systems.

On the other hand, China has never given up its attempts to break new grounds under the call on innovation, especially with regard to core technologies.

Ni pointed out that China’s Linux operating system (OS) will be able to replace “Windows + Intel,” or “Wintel,” one day, with three types of CPUs, including Loongson. Meanwhile, another competitor for the “Wintel” digital office system that was designed by China Aerospace Science & Industry Corp (CASIC) has been set up on 28,000 devices, serving 40,000 users.

On real-time operating system (RTOS), China has been developing domestic RTOS SylixOS since 2006, and the OS boasting full intellectual property rights is ready ripe to challenge American RTOS VxWorks, while CASIC’s super-server boasts better performance at lower cost for server and database services.

For the same performance, the Chinese newcomer costs only 70 percent of its “Intel + Oracle” counterpart. Up and running for two years now without a glitch, the super-server now claims a user pool of 97,000, data from Casicloud showed.

While at the initial stage of the self-developed products and services, it is understandable to see a relatively lower market share, Wang Jun, chief engineer with CNITSEC, told People’s Daily. “No one OS can secure all tasks. We need to cultivate a full ecology where people and companies along with their applications and external devices can adapt to the OS,” he said.

“But China is not shunning away from international players through the review mechanism or self-development. In fact, we hope to welcome more of them from both cutting-edge companies and those who are playing at the same level as us,” Wang added.