According to a recent investigation into a trove of 10,000 leaked documents, a little-known Chinese company has allegedly been hard at work over the last decade selling censorship systems to autocratic governments around the world. And Kazakhstan appears to have been its first customer.
In a report released on September 9 from InterSecLab – part of the Great Firewall Export investigation, a joint collaboration with Amnesty International, Justice For Myanmar, Paper Trail Media, The Globe and Mail, the Tor Project, the Austrian newspaper DER STANDARD and Follow The Money – researchers lay out a worrying allegation: Geedge Networks, a Chinese company founded in 2018, is effectively selling a commercial version of Beijing’s Great Firewall to foreign governments.
In the documents analyzed by InterSecLab, Geedge Networks’ clients are identified with coded names. Kazakhstan was associated by researchers with K18 and K24 and identified as potentially the company’s first customer.
Kazakhstan’s efforts to control the flow of internet traffic pre-date Geedge’s founding.
In December 2015, as Casey Michel covered for The Diplomat, Kazakhtelecom, Kazakhstan’s state-backed internet service provider, announced that come January 2016, the government would require all telecom users to install a “national security certificate.” As InterSecLab explained in its report, “This approach would have enabled them to intercept all encrypted traffic by running their own [Certificate Authority] and operating outside the global internet trust system.”
That December 2015 press release was quickly taken down, and the effort stalled given the practical difficulties of manually installing such a certificate on every device in the country. But in 2019, the Kazakh government again announced that internet users would need to download the required root certificate. This second attempt was complicated by pushback from Google, Mozilla, and Apple, as Paolo Sorbello covered for The Diplomat.
“It is around this time that Geedge’s relationship with Kazakhstan begins,” InterSecLab said. It is also around that time that Kassym-Jomart Tokayev ascended to the Kazakh presidency, following the resignation of Nursultan Nazarbayev in March 2019.
Among the leaked documents was an image dated October 16, 2020 that “lists IP addresses for a national center and 17 other cities running three separate Geedge products: Bifang (central management), Galaxy (the original name for TSG-Galaxy), and Nezha (an older name for Network Zodiac).” Amnesty International, a partner in the investigation, obtained commercial information regarding Geedge shipments of products to Kazakhstan that appears to support the connection.
As InterSecLab wrote:
Kazakhstan’s use of Geedge’s suite of products allows Kassym-Jomart Tokayev’s government to maintain a veneer of political reform while exercising unprecedented control over its population and opposition. Tokayev’s concept of a “listening state” takes on a second, chilling meaning with Geedge Networks’ technology, enabling the state to eavesdrop on the entire country’s network and mobile communications.”
Geedge’s products – including those the documents indicated were in use in Kazakhstan – provide governments with considerable surveillance and censorship capabilities. Geedge Networks’ offerings include deep packet inspection, location tracking, traffic monitoring, website and VPN blocking, user identification, reputation scoring, and malware deployment.
“Geedge Networks sells these products as a full package,” InterSecLab stressed in its report. “The company works closely with client governments in the start-up phase to meet their bespoke censorship and surveillance needs, with the ability to repurpose existing hardware or entirely build the system with new hardware”
In essence, Geedge Networks has commercialized China’s Great Firewall for export, and Astana was an ideal customer.
In 2021, Kazakhstan was implicated in a different trove of leaked documents dubbed “The Pegasus Project.” In that case, researchers at Amnesty International’s Security Lab found that the phones of several Kazakh human rights activists had been infected with the Pegasus spyware. Nearly 2,000 phone numbers, out of a leak of 50,000 phone numbers believed to be potential targets of the software, were linked to Kazakhstan. As the Organized Crime and Corruption Reporting Project (OCCRP) reported in June 2021, while the reporters believed that the software was deployed on behalf of the Kazakh government, many of those identified were among the country’s elite.
With so much of modern life tied up in the internet – everything from communication to banking – it’s no surprise that autocratic governments seek to exert the kind of control they have in the corporeal world in the virtual one too. This became all too apparent in January 2022 when, as protests roiled across Kazakhstan, the country’s internet went down.
In his recent state of the nation address, Tokayev proposed, among other things, the creation of an AI Ministry, to develop a “full-fledged” digital ecosystem in Kazakhstan.
“To become part of the new technological order, it will be necessary to restructure the entire system of public administration with a quantum increase in its transparency, efficiency, and human-centeredness,” he argued.
But that transparency may only go one way: the government having full transparency into the lives of its citizens, and the ability to keep those citizens in the dark as needed.