How a Chinese Firm Is Exporting Internet Censorship Worldwide
▼ Summary
– A Chinese company called Geedge Networks has been secretly selling censorship systems modeled on China’s Great Firewall to multiple governments worldwide.
– The company offers a commercial surveillance package that includes hardware for telecom centers and software enabling website blocking, VPN detection, and individual spying.
– Geedge’s system, called Tiangou Secure Gateway, scans all internet traffic and can intercept unencrypted data or analyze encrypted traffic using deep packet inspection.
– The company’s technology is already operational in Kazakhstan, Ethiopia, Pakistan, Myanmar, and at least one other unidentified country.
– Researchers warn the system provides governments with extreme surveillance capabilities that go beyond standard lawful interception and enable mass censorship.
A significant leak of internal documents has exposed how a relatively obscure Chinese technology firm is marketing sophisticated internet censorship systems to governments across the globe. These systems appear to mirror the architecture and capabilities of China’s own Great Firewall, raising serious concerns about the export of digital authoritarianism under the guise of cybersecurity.
Founded in 2018, Geedge Networks presents itself publicly as a provider of network monitoring and corporate cybersecurity tools. Internal records, however, reveal a different reality. The company has developed a comprehensive platform that enables state-level surveillance, including the ability to monitor online communications, block websites and VPN services, and conduct targeted spying on individuals. One of the firm’s key investors is credited as a principal architect behind China’s domestic censorship infrastructure.
Technical researchers who analyzed the leaked files describe the system as a commercialized, export-ready version of the mechanisms long used within China. The package includes both physical hardware, designed for integration into national telecom data centers, and user-friendly software that allows government operators to manage censorship and surveillance with ease. Among the planned features referenced in the documents are services for launching cyberattacks on demand and implementing geofencing to restrict specific users.
So far, Geedge Networks has deployed its technology in several countries, including Kazakhstan, Ethiopia, Pakistan, and Myanmar, with at least one additional nation yet to be identified. Job postings reviewed by investigators indicate the company is actively recruiting engineers for international assignments, suggesting an ongoing expansion into new markets.
The leaked material, comprising internal communications, technical logs, source code, and project management files, was provided anonymously and scrutinized by a coalition of human rights advocates and media outlets. Organizations including Amnesty International, the Tor Project, and several international newsrooms collaborated on the analysis.
According to Marla Rivera, a technical researcher at InterSecLab, the capabilities offered go far beyond conventional lawful interception. “This system permits not only mass censorship but also precise targeting of individuals based on their browsing history,” Rivera explained. “The degree of control it hands to governments is alarming and should concern everyone.”
Central to the company’s product suite is a tool named Tiangou Secure Gateway (TSG), which acts as a network gateway capable of processing a country’s entire internet traffic. Every data packet passing through the system can be inspected, filtered, or blocked. The technology also enables operators to create custom rules for users flagged as suspicious, logging their every digital movement.
For unencrypted traffic, the system can capture sensitive content including passwords, emails, and attachments. When traffic is encrypted using standard protocols like TLS, the platform employs deep packet inspection and machine learning to analyze metadata and identify potential circumvention tools such as VPNs. If the system cannot definitively classify encrypted content, it may preemptively block access for a set duration, effectively restricting legitimate use along with restricted material.
(Source: Wired)