The NSA Hacked Huawei Long Ago

Uploaded on 2022-09-15 in INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, INTELLIGENCE-Hot Spots-China

The US government has warned for years that products from China’s Huawei Technologies, the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them.

While some technology experts claimed that there was no solid evidence that Huawei and other Chinese brands employ any hidden and malicious privacy invasion. But more recently, Huawei devices have taken the centre stage in cyber security and several European countries have expressed major concerns.

Consider a scenario where you may use a Huawei telephone to have a conversation with a friend or a work colleague. It could be a discussion about a business deal, a programming project you're working on, or important business meetings. You could inadvertently pass along proprietary information to a foreign government without realising it.

The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting US government communications and information systems, which involves cryptanalysis and cryptography.

In 2014 documents were leaked from the NSA that revealed the US spy service was secretly stealing electronic data and other secrets by hacking Huawei.

The sensational spying operation, code-named Shotgiant, was undermined by Edward Snowden, the former NSA contractor now living in Russia who disclosed the top-secret hacking after stealing nearly 2 million NSA documents and releasing them to the press.

An investigation by Bloomberg journalists has revealed how the NSA was able to conduct its electronic spying operations around the world, penetrating Huawei’s routers and listening to the communications that passed through them. 

A person familiar with the operation said spies working for the NSA Tailored Access Operations group, the secret hacking unit based near Baltimore-Washington International Airport, were able to get inside Huawei equipment because of an earlier hack of Cisco Systems routers.

In the early, 2000s, Huawei was sued by Cisco for stealing portions of Cisco’s Internetwork Operating System, or IOS, a family of software used in the company’s routers and switches. The case was settled quietly out of court.

While it's unlikely that Huawei and other Chinese brands would be entirely banned for the average consumer, multiple governments are looking to minimise and ban the use of Huawei technology in their telecommunications networks.

If Huawei were to acquire control over a large part of the telecommunications market in the western world, the Chinese intelligence community could potentially have access to user data. It could also intercept, or even shut down, all communications from those devices.

But in case the NSA already knows the details of Huawei's technology, they can most likely take steps to block or prevent any damaging malicious activity, and they don't need to be quite so worried about using it.

Bloomberg:    Washington Times:      ComputerWorld:     Makeuseof.com

You Might Also Read: 

Who’s Afraid Of Huawei?

 

« Using SAST To Prevent Zero Day Vulnerabilities
Three Simple Steps To Effective Cybersecurity »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Galaxkey

Galaxkey

Galaxkey is a data protection product that protects email, documents and any data using access control and an encryption platform.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

Cryptus Cyber Security

Cryptus Cyber Security

Cryptus Cyber Security is an Information Security Training company providing advanced training and services to IT Professionals.

Jiran Security

Jiran Security

Jiran Security provides data and application security solution over email, mobile device and endpoints.

Mitre

Mitre

At Mitre we work across government to tackle challenges to the safety, stability, and well-being of our nation. Areas of expertise include Cybersecurity.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

IT Band Systems

IT Band Systems

IT Band Systems is an international provider of IT products and services including web server monitoring and web security consulting.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

SGTech

SGTech

SGTech is the leading trade association for Singapore's tech industry, offering focused support and development to both strategic and emerging sectors in the industry.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

Realm.Security

Realm.Security

Realm.Security is pioneering the creation of an easy-to-implement, simple-to-use security fabric solution that is purpose-built for cybersecurity.

Softanics

Softanics

Softanics’ ArmDot protects .NET apps with advanced obfuscation, control flow protection, and virtualization, securing code against reverse engineering without requiring agents or environment changes.