The NSA Hacked Huawei Long Ago

The US government has warned for years that products from China’s Huawei Technologies, the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them.

While some technology experts claimed that there was no solid evidence that Huawei and other Chinese brands employ any hidden and malicious privacy invasion. But more recently, Huawei devices have taken the centre stage in cyber security and several European countries have expressed major concerns.

Consider a scenario where you may use a Huawei telephone to have a conversation with a friend or a work colleague. It could be a discussion about a business deal, a programming project you're working on, or important business meetings. You could inadvertently pass along proprietary information to a foreign government without realising it.

The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting US government communications and information systems, which involves cryptanalysis and cryptography.

In 2014 documents were leaked from the NSA that revealed the US spy service was secretly stealing electronic data and other secrets by hacking Huawei.

The sensational spying operation, code-named Shotgiant, was undermined by Edward Snowden, the former NSA contractor now living in Russia who disclosed the top-secret hacking after stealing nearly 2 million NSA documents and releasing them to the press.

An investigation by Bloomberg journalists has revealed how the NSA was able to conduct its electronic spying operations around the world, penetrating Huawei’s routers and listening to the communications that passed through them. 

A person familiar with the operation said spies working for the NSA Tailored Access Operations group, the secret hacking unit based near Baltimore-Washington International Airport, were able to get inside Huawei equipment because of an earlier hack of Cisco Systems routers.

In the early, 2000s, Huawei was sued by Cisco for stealing portions of Cisco’s Internetwork Operating System, or IOS, a family of software used in the company’s routers and switches. The case was settled quietly out of court.

While it's unlikely that Huawei and other Chinese brands would be entirely banned for the average consumer, multiple governments are looking to minimise and ban the use of Huawei technology in their telecommunications networks.

If Huawei were to acquire control over a large part of the telecommunications market in the western world, the Chinese intelligence community could potentially have access to user data. It could also intercept, or even shut down, all communications from those devices.

But in case the NSA already knows the details of Huawei's technology, they can most likely take steps to block or prevent any damaging malicious activity, and they don't need to be quite so worried about using it.

Bloomberg:    Washington Times:      ComputerWorld:     Makeuseof.com

You Might Also Read: 

Who’s Afraid Of Huawei?

 

« Using SAST To Prevent Zero Day Vulnerabilities
Three Simple Steps To Effective Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

Simeio Solutions

Simeio Solutions

Simeio is a complete Identity and Access Management (IAM) solution provider that engages securely with anyone, anywhere, anytime.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Gigit

Gigit

Gigit’s Service portfolio focuses on your business’ needs and the integration of comprehensive cybersecurity policies, plans, procedures, and practices into your business culture and operations.

Acmetek Global Solutions

Acmetek Global Solutions

Acmetek is a Global Distributor and a Trusted Advisor of PKI /IOT & SSL Security Products and a Managed Services Company.

BlastWave

BlastWave

BlastWave deliver Operational Technology Cybersecurity solutions that minimize the available attack surface and protect against the rising tide of AI-powered cyber attacks.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

Ethiopian Cybersecurity Association (ECySA)

Ethiopian Cybersecurity Association (ECySA)

ECySA was formed to play an influential part in the ongoing and dawning cybersecurity practices of Ethiopia, efficiently creating public and private awareness on all kinds of cyber risks and threats.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.