Bloomberg alleges Huawei routers and network gear are backdoored

5G Logo in the shape of a butterfly.

Enlarge / PORTUGAL - 2019/03/04: 5G logo is seen on an android mobile phone with Huawei logo on the background. (credit: Omar Marques/SOPA Images/LightRocket via Getty Images)

Vodafone, the largest mobile network operator in Europe, found backdoors in Huawei equipment between 2009 and 2011, reports Bloomberg. With these backdoors, Huawei could have gained unauthorized access to Vodafone's "fixed-line network in Italy." But Vodafone disagrees, saying that while it did discover some security vulnerabilities in Huawei equipment, these were fixed by Huawei and in any case were not remotely accessible, and hence they could not be used by Huawei.

Bloomberg's claims are based on Vodafone's internal security documentation and "people involved in the situation." Several different "backdoors" are described: unsecured telnet access to home routers, along with "backdoors" in optical service nodes (which connect last-mile distribution networks to optical backbone networks) and "broadband network gateways" (BNG) (which sit between broadband users and the backbone network, providing access control, authentication, and similar services).

In response to Bloomberg, Vodafone said that the router vulnerabilities were found and fixed in 2011 and the BNG flaws were found and fixed in 2012. While it has documentation about some optical service node vulnerabilities, Vodafone continued, it has no information about when they were fixed. Further, the network operator said that it has no evidence of issues outside Italy.

Read 9 remaining paragraphs | Comments

How Microsoft found a Huawei driver that opened systems to attack

How Microsoft found a Huawei driver that opened systems to attack

Enlarge (credit: Valentina Palladino)

Huawei MateBook systems that are running the company's PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company's Microsoft Defender Advanced Threat Protection (ATP) service.

First things first: Huawei fixed the driver and published the safe version in early January, so if you're using a Huawei system and have either updated everything or removed the built-in applications entirely, you should be good to go.

The interesting part of the story is how Microsoft found the bad driver in the first place.

Read 10 remaining paragraphs | Comments

NSA hacked Huawei servers, watched company’s executives, NYT sources say

On Saturday, the New York Times published an article based on slides obtained from former NSA contractor Edward Snowden as well as interviews with anonymous intelligence officials that alleged the NSA had broken into the servers of Chinese telecom giant Huawei. There, the spy agency obtained sensitive information about the company's routers and switches that served to link its customers to its network. The NSA also monitored the communications of Huawei's executives, the NYT reports.

The US has long had a fraught relationship with Huawei, a company that has maintained that it is independent from the Chinese government and has no ties to the People's Liberation Army (PLA). Still, citing national security concerns, US authorities blocked Huawei's purchase of 3Com in 2008, accused it of un-American activities in 2012, and then convinced Sprint and SoftBank to limit their use of Huawei gear in 2013.

The New York Times report said that the 2010 NSA operation, code-named “Shotgiant” (link goes to leaked classified slides), was looking for clues that the giant telecom was working with the PLA.

Read 2 remaining paragraphs | Comments

Sprint, Softbank to shun Chinese networking equipment

Sprint Nextel and its new owner will limit their use of technology made by Chinese companies, and allow US national security officials to monitor changes to their equipment. The pending agreement will help them gain US approval of SoftBank's $20 billion acquisition of Sprint.

US officials have accused Chinese firms Huawei and ZTE of having close ties with the Chinese government and military. They claim the companies' equipment raises the threat of "cyber-espionage" or attacks on US communications networks, although a White House review last year found no clear evidence that Huawei spied for China.

The New York Times last night quoted anonymous government officials as saying that Sprint Nextel and the Japanese SoftBank "are expected to enter an agreement with American law enforcement officials that will restrict the combined company’s ability to pick suppliers for its telecommunications equipment and systems." Further, "The agreement would allow national security officials to monitor changes to the company’s system of routers, servers and switches, among other equipment and processes, the officials said. It would also let them keep a close watch on the extent to which Sprint and SoftBank use equipment from Chinese manufacturers, particularly Huawei Technologies."

Read 1 remaining paragraphs | Comments