According to a report released by Bloomberg, US government officials’ suspicion of the integrity of Huawei’s products was partly attributed to the 2012 Huawei software update incident, which used malicious code to damage the network of a major Australian telecommunications company.
That reportAccording to interviews with 7 former officials, some people have determined, and some have not. They say Optus is a division of Singapore Telecommunications Co., Ltd., and its system was compromised in 2012 due to malicious updates-the company raised this claim objection.
“The update looks legitimate, but the malicious code it contains is much like digital eavesdropping, reprogramming the infected device to record all communications passing through it, and then sending the data to China, [the sources] Said,” the Bloomberg report explained.
A few days later, it was reported that the eavesdropping code was deleted on its own, but the Australian intelligence agency believed that the Chinese intelligence agency should be responsible for it. “It has penetrated into the team of Huawei technicians who help maintain equipment and push updates to the telecommunications system.”
It is said that Australian intelligence agencies have shared detailed information about the incident with US intelligence agencies, and US intelligence agencies subsequently discovered that similar attacks from China were carried out using Huawei hardware in the United States.
The report aims to provide a basis for evidence for the efforts of the United States and other governments to avoid Huawei hardware during the global 5G network upgrade and provide the business to non-Chinese companies.
It is worth noting that there is no claim that Huawei’s leadership is aware of this so-called effort to subvert the Optus network. The report stated: “Bloomberg found no evidence that Huawei’s senior leadership was involved in or aware of the attack.”
In short, the claim that China’s intelligence agencies use agents within Huawei to disrupt Australia’s networks is a continuing risk for any number of world-renowned technology companies.
‘Australian slander’
China denies “Australian defamation”.Perhaps it is worth noting Register I don’t know of any country that recognizes recent intelligence activities.Even Russian President Vladimir Putin faces Strong evidence The investigative news service Bellingcat discovered that the FSB was trying to poison the political opposition leader Alexey Navalny. be rejected Russian agents are involved in the near-fatal poisoning of Navalny.
But what is unusual about the Chinese Foreign Ministry’s statement is that it is not so much injured innocence as mutual guilt: “Australia’s slander on China’s cyber attacks and spy infiltrations is purely an act of a thief crying and catching a thief.”
In other words, everyone is a spy, and Australia has a poor manner in expressing dissatisfaction in public. Considering that the US National Security Agency had penetrated into Huawei’s network before 2010 to monitor founder Ren Zhengfei and his associates, because it was previously worried that Huawei might create a backdoor in its equipment.That is based on Documents provided Written by former NSA contractor Edward Snowden (Edward Snowden).
Register Huawei was asked to comment, and a spokesperson provided us with a copy of the comments provided to Bloomberg by John Suffolk, Huawei’s global cybersecurity officer.
“[W]Suffolk said in an e-mailed statement that there is no specific details to give you a detailed assessment. I want, no one knows. It doesn’t work like that. “
“It is an illusion to suggest that engineers can reprogram the code, because they cannot access the source code, cannot compile the source code to generate a binary file, and the binary file has a tamper-proof mechanism inside. We are encouraging the government, customers and the security ecosystem The leaders of review our products, look for design weaknesses, and provide feedback on vulnerabilities or bad code examples. It is this openness and transparency that play a good protective role.”
“Finally, there is no tangible evidence of any deliberate misconduct.”
But this has nothing to do with the evidence presented in public forums or courts. At least in this case, Huawei has not been tried.
Yes, its chief financial officer had a dispute, Determined to avoid serious diplomatic disputes, The U.S. government Trade secret theft lawsuit against Huawei Based on T-Mobile’s civil lawsuit and claimed that Huawei Screwed up an IT consulting company in California and a backdoor in Pakistan.
Can’t rest
Even so, it is largely irrelevant whether Huawei is guilty or innocent in helping China engage in espionage activities. As far as the United States is concerned, Huawei is not worthy of trust, because in theory the Chinese government can make demands that the company cannot refuse.The FBI is concerned about precursors to crime, in Philip K. Dick’s terms Minority report, A story about a police force arresting people who are expected to commit a crime.
The Federal Communications Commission recently used future concerns, as well as past behavior and secret allegations, to ban another Chinese company from conducting business in the United States. In October, the FCC announced that China Telecom Americas could no longer conduct business in the United States.The agency stated that it was based on its decision [PDF] Partly based on confidential evidence provided by national security agencies.
But it also stated that “just the entire contents of a large number of unclassified records” is sufficient to justify its decision. The agency concluded that China Telecom Americas may be forced to comply with the requirements of the Chinese government, and company officials have shown a lack of candor and trustworthiness toward American officials.
Trust is the key. The variability of software and the possibility of hiding hardware functions make accepting IT systems from untrusted sources inherently risky. Source code inspections, audits, and other preventive measures can be used to reduce risks, but they cannot be completely reduced.
Trust is a concern of every participant. In February, Bloomberg followed up with its controversial 2018 secret spy chip report, stating that similar snooping hardware was discovered in 2015 On a server motherboard made by American computer manufacturer Supermicro, The company filed an objection to the claim. Register Talking to a former executive of a well-known chip manufacturing company at the time, he insisted that such devices exist and he personally owns some of them. We trust our sources, but more specific evidence would be better.
In retrospect, any intelligence agency with sufficient funds and expertise obviously wanted something like this. And it’s hard to believe that no one has ever successfully deployed surveillance chips or installed backdoors for geopolitical opponents’ systems. However, the absence of publicly dissected and analyzed samples again means that we can only explain the shadow game of the nation-state through hints and whispers.
Coincidentally, this situation — lack of trust means a country-based IT stack — works well for companies located in countries where they can claim to conduct secret espionage activities and see that government funding will Their products are placed in the evicted position of competitors.
We can only imagine being the FCC Announce It will pay US telecom suppliers to replace their Huawei equipment.And considering the Chinese way incline Its market is for local companies. If anyone really cares about fair competition, then it can be fair to say that the change is fair competition. ®
