Who’s hacking who? China’s Huawei falls victim to the NSA
The latest revelations from former National Security Agency (NSA) contractor turned whistleblower Edward Snowden reveal that the US agency was actively targeting China’s infrastructure vendor Huawei. Both Germany’s Der Speigel and America’s New York Times ran stories and analysis this weekend.
This is nothing new to those following the trade battle between Huawei and the US government – merely conformation of what we always suspected. The irony is, the US always feared that the Chinese were using spyware in Huawei’s equipment and so went out of their way to prevent the vendor from gaining sustainable business in the country.
Highlights of TelecomTV’s ten-year coverage of Huawei and spying allegations can be found via the links on the left
Now we have confirmation (albeit not official) that far from being an innocent bystander, the US was hacking Huawei to learn its marketing and distribution plans, as well as to try out more about its actual ownership and control (is it really a branch of the People’s Liberation Army?)
Back in December last year, Der Speigel reported on the NSA’s secret Office of Tailored Access Operations (TAO). According to internal NSA documents viewed by the newspaper, TAO has a mandate to engage in “aggressive attacks” via the internet and IT equipment – and was successful in intercepting emails on BlackBerry’s supposedly secure servers. Spiegel also discovered that an NSA division called ANT provides a 50-page hopping list of specialist hacking tools for use by other NSA employees, that can access equipment from Huawei (and others, including US-based Dell and Cisco).
These products range from computer bugging devices – disguised USB plugs that send data wirelessly, and which are familiar to all viewer of ‘Breaking Bad’ –available in packs of 50 for a cool $1m, to a fake GSM base station for a mere $40,000.
The news over the weekend though shed more light onto the NSA’s activities regarding Huawei. An alleged NSA document from 2010 gives details of Project Shotgiant, which was set up in 2007 to find any links between Huawei and the People’s Liberation Army, as well as to hack Huawei’s technology so that the NSA could conduct surveillance on its customers’ networks.
“Many of our targets communicate over Huawei-produced products,” the NSA document stated. “We want to make sure that we know how to exploit these products [to] gain access to networks of interest.”
Another document revealed the success of the Shotgiant operation: “We currently have good access and so much data that we don’t know what to do with it.”
A 2012 report from the US House Intelligence Committee on Huawei and ZTE found no evidence confirming the suspicions about Chinese government ties, but it said that they “cannot be trusted to be free of foreign state influence” and directed that the two companies must be blocked from “acquisitions, takeover or mergers” in the US.
“The irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us,” the NYT quoted William Plummer, a senior Huawei executive in the United States.
In 2008, the US government blocked the sale of the once dominant networking firm 3Com to Huawei on national security grounds. As recently as 2013, the US only approved the take-over of Sprint by Japan’s Softbank on the alleged condition that it didn’t buy Huawei equipment.
“If the actions in the report are true, Huawei condemns such activities that invaded and infiltrated into our internal corporate network and monitored our communications,” John Suffolk, Global Cyber Security Officer for Huawei told Reuters. “We have never been asked to hand over any data to a government or authority or to facilitate access to our technology. And we wouldn't do this either. Our position on this point is very clear.”