The Chinese University of Hong Kong said Thursday that its IT backbone and the Hong Kong Internet exchange (HKIX) have never been hacked, in response to a comment by US whistleblower Edward Snowden -- during an interview with SCMP -- that the university has been one of the NSA's hacking targets since 2009.
The HKIX -- live since 1995 as a layer-two settlement-free Internet exchange point --is operated by the Information Technology Services Center (ITSC) of the CUHK. "The university hasn't detected any form of hacking to the network which has been running normally," said a university spokeswoman. "Every effort's made to protect the university's backbone network as well as the HKIX--our ITSC closely monitors the exchange round-the-clock to ensure normal operation and defends against network threats. ""
HKIX serves more than 100 organizations in Hong Kong including telcos, mobile broadband service providers, and those from the academic community.
Cisco switches deployed at HKIX
The CUHK has deployed Cisco switches at HKIX for some years-- including Cisco Nexus 7018 and Cisco Catalyst 6513. At press time, the vendor's Hong Kong office hasn't commented on Snowden's claim, but a spokesperson said the company is preparing a statement.
Snowden was also quoted by the SCMP as saying that public officials, businesses, and students in Hong Kong are also NSA's hacking targets. According to the report, he believes that the NSA has hundreds of targets in Hong Kong and on the mainland.
Responding to Computerworld Hong Kong's inquiry, the Office of the Government CIO (OGCIO) said the government has no reported hacking incidents involving data leakage on its computer systems.
Security pro: Backbones could be hacked without the providers' knowledge
According to a security pro, it's possible that backbone infrastructures were hacked without the infrastructure providers knowing.
"Backbone infrastructure providers are often more vulnerable than end-users because end-users have an immediate and damaging impact to security events," said Richard Stagg, director and managing consultant at Hong Kong-based Handshake Networking."Backbone providers have NO impact from hackers sitting and sniffing their traffic (it's all on their end-users) unless someone like Snowden turns up and reveals the secret."
"In any case, we've been saying for years how people should encrypt and assume the networks are unsafe, and the folks have been saying, don't be silly, who'd be sitting in the wires looking at all our data? Well now you know," he added.