The NSA Hacked Huawei Long Ago

The US government has warned for years that products from China’s Huawei Technologies, the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them.

While some technology experts claimed that there was no solid evidence that Huawei and other Chinese brands employ any hidden and malicious privacy invasion. But more recently, Huawei devices have taken the centre stage in cyber security and several European countries have expressed major concerns.

Consider a scenario where you may use a Huawei telephone to have a conversation with a friend or a work colleague. It could be a discussion about a business deal, a programming project you're working on, or important business meetings. You could inadvertently pass along proprietary information to a foreign government without realising it.

The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting US government communications and information systems, which involves cryptanalysis and cryptography.

In 2014 documents were leaked from the NSA that revealed the US spy service was secretly stealing electronic data and other secrets by hacking Huawei.

The sensational spying operation, code-named Shotgiant, was undermined by Edward Snowden, the former NSA contractor now living in Russia who disclosed the top-secret hacking after stealing nearly 2 million NSA documents and releasing them to the press.

An investigation by Bloomberg journalists has revealed how the NSA was able to conduct its electronic spying operations around the world, penetrating Huawei’s routers and listening to the communications that passed through them. 

A person familiar with the operation said spies working for the NSA Tailored Access Operations group, the secret hacking unit based near Baltimore-Washington International Airport, were able to get inside Huawei equipment because of an earlier hack of Cisco Systems routers.

In the early, 2000s, Huawei was sued by Cisco for stealing portions of Cisco’s Internetwork Operating System, or IOS, a family of software used in the company’s routers and switches. The case was settled quietly out of court.

While it's unlikely that Huawei and other Chinese brands would be entirely banned for the average consumer, multiple governments are looking to minimise and ban the use of Huawei technology in their telecommunications networks.

If Huawei were to acquire control over a large part of the telecommunications market in the western world, the Chinese intelligence community could potentially have access to user data. It could also intercept, or even shut down, all communications from those devices.

But in case the NSA already knows the details of Huawei's technology, they can most likely take steps to block or prevent any damaging malicious activity, and they don't need to be quite so worried about using it.

Bloomberg:    Washington Times:      ComputerWorld:     Makeuseof.com

You Might Also Read: 

Who’s Afraid Of Huawei?

 

« Using SAST To Prevent Zero Day Vulnerabilities
Three Simple Steps To Effective Cybersecurity »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

DataBunker

DataBunker

DataBunker supply a range of Cloud Backup & Disaster Recovery solutions to IT Service Providers only.

StackPath

StackPath

StackPath provide an intelligent web services platform designed for security, speed and scale.

Cyber Security Network

Cyber Security Network

Cyber Security Network provide specialist cyber security recruitment services.

OpenSphere

OpenSphere

OpenSphere is an IT company providing security consultancy, information system risk management and security management services.

Holm Security

Holm Security

Holm Security are taking vulnerability assessment into the next generation as a cloud service.

Garrison

Garrison

Garrison SAVI® is a unique technology for secure remote browsing that can dramatically change the risk profile for enterprise cyber security.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

Securis

Securis

Securis provides organizations and agencies with the highest level of professional, ultra-secure data destruction and IT recycling.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Diaplous Group

Diaplous Group

Diaplous Group is a leading Maritime Risk Management (MRM) provider, delivering specialized services to an ever-broadening portfolio of shipping, oil & gas, energy and construction industries.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

tTech

tTech

tTech is the first and foremost company providing outsourced Information Technology solutions to businesses in Jamaica.

DigitalWell

DigitalWell

DigitalWell provide fully managed IT and communications solutions for a truly innovative end-to-end experience - for your customers and teams.