Could China blocking VPNs lead to spying on business?

The “Great Firewall of China,” designed to prevent its citizens from accessing some overseas content, has apparently undergone an upgrade.

And some observers say this may not only be an effort to stop citizens from reading or viewing Western information, but also to spy on international corporations doing business in the country who encrypt their internal communications.

The Guardian reported recently that the Chinese government is blocking internet services that have been able to “burrow secretly through what is known as the ‘Great Firewall’ …”

“A number of companies providing virtual private network (VPN) services to users in China say the new system is able to ‘learn, discover and block’ the encrypted communications methods used by a number of different VPN systems,” the report said.

“China Unicom, one of the biggest telecoms providers in the country, is now killing connections where a VPN is detected, according to one company with a number of users in China,” the report said.

If the encryption works, even if the data is monitored, it cannot be read. It also means that a user’s connection effectively starts outside the Great Firewall, providing access to all the sites the government blocks, including those of news organizations, search engines and social networking.

The crackdown is apparently no surprise to some users, who suspected more than 18 months ago, in May 2011, that the government was trying to disrupt VPNs. But The Guardian report  said VPN providers are now noticing it as well.

Astrill, a VPN provider for users inside and outside China, has emailed its users to warn them that the Great Firewall system is “blocking at least four of the common protocols used by VPNs, which means that they don’t function.”

Author and security expert Bruce Schneier, chief security technology officer at BT, linked to the story on his website Schneier on Security. And according to a number of the comments on his post, the goal of the Chinese government may be more than simply censoring what its citizens can see.

[See also: U.S. commission fingers China as biggest cyberthreat]

One comment, by “Pybe,” said the Chinese government is apparently blocking more than VPN services. “Recently, our corporate VPN that we’re using to communicate with our Chinese partner has been blocked off regularly. We tried changing the port, but it kept on getting blocked off,” he wrote.

Others said they believe there are relatively easy ways for VPNs to work around the block. Schneier said while this is probably true, it was only a matter of time before the block to be reinstated. “Remember, this is an arms race,” he said. “If the VPN vendors push out a patch, the Chinese will see it and write code to block the patch. And so on and so on.”

“Tor has been fighting this arms race with the Chinese for years — it’s very difficult.”

Clive Robinson suggested in comments that there may be a more serious issue. “It may be a move designed to perform espionage by trying to force company secrets out into the open,” he wrote. “Forcing companies off of VPNs … will in effect open up corporate firewalls, thus also aiding in APT type activities.”

Schneier said he doesn’t know the intent of the government, noting, “That’s more a political science question than a computer security question.”

But if multiple international companies decide they can’t risk losing their private, internal information, that could ultimately harm the Chinese economy. Astrill, the VPN provider, told its users it hopes the crackdown will be lifted.

“We believe [the] China censorship minister is a smart man … and this blockage will be removed and things will go back to normal,” it said in its email to users.