The NSA Hacked Huawei Long Ago

Uploaded on 2022-09-15 in INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, INTELLIGENCE-Hot Spots-China

The US government has warned for years that products from China’s Huawei Technologies, the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them.

While some technology experts claimed that there was no solid evidence that Huawei and other Chinese brands employ any hidden and malicious privacy invasion. But more recently, Huawei devices have taken the centre stage in cyber security and several European countries have expressed major concerns.

Consider a scenario where you may use a Huawei telephone to have a conversation with a friend or a work colleague. It could be a discussion about a business deal, a programming project you're working on, or important business meetings. You could inadvertently pass along proprietary information to a foreign government without realising it.

The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting US government communications and information systems, which involves cryptanalysis and cryptography.

In 2014 documents were leaked from the NSA that revealed the US spy service was secretly stealing electronic data and other secrets by hacking Huawei.

The sensational spying operation, code-named Shotgiant, was undermined by Edward Snowden, the former NSA contractor now living in Russia who disclosed the top-secret hacking after stealing nearly 2 million NSA documents and releasing them to the press.

An investigation by Bloomberg journalists has revealed how the NSA was able to conduct its electronic spying operations around the world, penetrating Huawei’s routers and listening to the communications that passed through them. 

A person familiar with the operation said spies working for the NSA Tailored Access Operations group, the secret hacking unit based near Baltimore-Washington International Airport, were able to get inside Huawei equipment because of an earlier hack of Cisco Systems routers.

In the early, 2000s, Huawei was sued by Cisco for stealing portions of Cisco’s Internetwork Operating System, or IOS, a family of software used in the company’s routers and switches. The case was settled quietly out of court.

While it's unlikely that Huawei and other Chinese brands would be entirely banned for the average consumer, multiple governments are looking to minimise and ban the use of Huawei technology in their telecommunications networks.

If Huawei were to acquire control over a large part of the telecommunications market in the western world, the Chinese intelligence community could potentially have access to user data. It could also intercept, or even shut down, all communications from those devices.

But in case the NSA already knows the details of Huawei's technology, they can most likely take steps to block or prevent any damaging malicious activity, and they don't need to be quite so worried about using it.

Bloomberg:    Washington Times:      ComputerWorld:     Makeuseof.com

You Might Also Read: 

Who’s Afraid Of Huawei?

 

« Using SAST To Prevent Zero Day Vulnerabilities
Three Simple Steps To Effective Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DTEX Systems

DTEX Systems

DTEX Systems is the global leader for insider risk management. We empower organizations to prevent data loss by proactively stopping insider risks from becoming insider threats.

Global Digital Forensics (GDF)

Global Digital Forensics (GDF)

GDF specialise in Digital Forensics and e-Discovery. Other services include Data Breach Response and Cyber Security.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

OSSEC

OSSEC

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS).

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

Amadeus Capital Partners

Amadeus Capital Partners

Amadeus Capital Partners offers over 20 years’ experience in technology investment. Our areas of focus include AI & machine learning and cyber security.

White Hawk Software

White Hawk Software

White Hawk provides code tamper-proofing solutions to protect mission critical software applications from malicious and Zero day attacks and reverse engineering at run time.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Belcan

Belcan

Belcan is a global supplier of engineering, manufacturing & supply chain, workforce and government IT solutions to customers in the aerospace, defense, automotive, industrial, and private sector.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

Red Access

Red Access

Red Access provides the first SaaS-based platform to protect web browsing from cyber threats on any browser and any in-app while ensuring frictionless user experience.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

CNF Technologies

CNF Technologies

CNF Technologies is an award-winning cyber company providing technology-focused research and development to commercial, federal, and Department of Defense clients.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.