Global Sources
EE Times-India
Stay in touch with EE Times India
EE Times-India > Networks

Huawei networks utilised as U.S. intelligence tool

Posted: 28 Mar 2014     Print Version  Bookmark and Share

Keywords:espionage  telecommunications  networking 

Huawei Technologies is no stranger to controversy. Back in 2012, it was the subject of a U.S. congressional hearing along with another telecommunications giant, ZTE, because of accusations that their infrastructure may be utilised for espionage as mandated by the Chinese government (see We're not spies; says Huawei to U.S.). Now, its relationship with the U.S. government has become more volatile as news comes out about how the National Security Agency (NSA) allegedly turned the company into a tool of American intelligence instead.

During the course of a project code-named "Shotgiant," the NSA penetrated the corporate networks of Huawei so completely that U.S. officials were able to read email from the company's CEO, download sensitive documents on more than 1,400 large Huawei customers, as well as technical data on current products and those still in development, according to documents released by former NSA contractor Edward Snowden to Der Spiegel and The New York Times.

"We currently have good access and so much data that we don't know what to do with it," according to one NSA report from 2010 quoted in Der Spiegel.

Rather than stop at simply collecting more information than it could process, however, a NSA special-operations unit bored into the company's technical data, eventually compromising servers holding source code for the firmware that runs the routers and switches Huawei builds for large corporations and telecommunications companies.

The goal was to build secret backdoors or security flaws into the source code, which Huawei would then build into its own products and distribute to a customer base so large that Huawei boasts that its products connect a third of the world's population.

"Many of our targets communicate over Huawei-produced products," according to one of those reports. "We want to make sure that we know how to exploit these products," in order to "gain access to networks of interest," according to the document.

An ongoing operation

Rather than being an anomaly, the plan to bug Huawei firmware fit neatly into an apparently ongoing NSA effort to magnify the impact of its efforts by installing bugs and backdoors into the firmware of commercial technology products to be distributed by oblivious technology vendors and sold to potential targets with no indication the NSA had ever been involved. Previously released documents report similar efforts to compromise products from Western Digital, Seagate, Maxtor, Samsung, and other, mostly U.S.-based companies.

The NSA unit involved—the Office of Tailored Access Operations (TAO), which is based in Ft. Meade, Md.—is a cadre of encryption and penetration specialists who can be called into action like a special-forces strike team to penetrate high-value targets with unusually tough security, according to Der Spiegel. A TAO sub-group known as ANT builds circuit boards disguised as USB devices or other, more subtle camouflage, which can be implanted in targeted servers and secretly broadcast everything they do to nearby NSA relay stations.

ANT has also developed bits of malware collectively referred to as "Persistence" that is designed to penetrate and install its payload in the BIOS of PCs, servers, and the firmware of routers or other networking equipment. Once installed, the payloads become part of the core operating code of the device in which they're implanted, and are reinstalled on motherboards or hard drives even after previous versions of the firmware and operating systems have been wiped and replaced, according to Der Spiegel, which got a look at the TAO catalogue of attack devices courtesy of Snowden.

Specifics remain elusive

There is no information available on the specific techniques the NSA used to attack either the Huawei servers or source code. The catalogue and many other reports released by Snowden were from the same period as the NSA's attacks on Huawei, making it likely the exploits and tactics used were similar to those in the Snowden documents.

1 • 2 Next Page Last Page

Comment on "Huawei networks utilised as U.S. int..."
*  You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.


Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

Back to Top