The US government has warned for years that products from Huawei Technologies Co. China, the world’s largest producer of telecommunications equipment, poses a national security threat to any countries it uses. With Washington holding a global campaign to prevent the company from providing high-end 5G wireless networks, Huawei and its supporters have dismissed the allegations as lacking evidence.
Now the Bloomberg News investigation has uncovered important evidence supporting US efforts – an unprecedented crime in the middle of the world nearly a decade ago.
In 2012, Australian intelligence officials informed U.S. counterparts to find complex interventions in the country’s communication systems. They started, they said, with a software update from Huawei loaded with malicious code.
Violations of the law and subsequent intelligence sharing were confirmed by nearly a dozen national security officials who received information about the matter from the Australian and US agencies from 2012 to 2019. The incident confirmed allegations in both countries that China had used Huawei devices as a spy, and was still part of the case against the Chinese company, as violations of the law had never been made public, former officials said.
Also Read: Cracks appear in West’s 5G strategy after Huawei
Also Read: Apple reveals which diplomats were hacked by Pegasus
The episode helps unravel previously unsettled security concerns driving the war on who will build 5G networks, promising to bring fast internet connections to billions of people around the world. Shenzhen-based Huawei dominates more than 90 billion global telecommunications market, competing with Sweden’s Ericsson AB and Finland’s Nokia Oyj. But the US, Australia, Sweden and the U.K. they have all blocked Huawei from their 5G networks, and about 60 countries have signed up to the US Department of State’s commitment to avoid China’s network equipment. Such efforts, which also imposed American sanctions against the Chinese company, slowed Huawei’s growth and deepened tensions with China.
The summaries described in Bloomberg contained a variety of details, and the previous officers who received them had different levels of knowledge – and a willingness to discuss – certain details. Seven of them agreed to provide detailed accounts of evidence disclosed by Australian authorities and included in their report.
At the root of the case, the officials said, was a software update from Huawei installed on the network of Australia’s largest telecommunications company. The update appears to be legitimate, but it has a malicious code that works like digital wiretap, which redirects infected machines to record all the communication you go through before sending information to China, they said. A few days later, the code removed itself, the result of a clever self-inflicted injury that was included in the update, they said. Finally, Australian intelligence agencies determined that Chinese intelligence was involved, with Huawei’s list of experts helping to maintain the equipment and pressing for updates on telecom systems.
Guided by an Australian tip, U.S. intelligence agencies that year confirmed a similar attack from China using US-based Huawei equipment, said six former officials, who declined to give further details.
Mike Rogers, a former Michigan Republican congressman and chairman of the US House of Representatives intelligence committee from 2011 to 2015, declined to comment on the incidents. But he confirmed that the national ban on Huawei was partly driven by evidence, which was presented privately to world leaders, that China used the company’s products for disrupted software updates, also known as patches.
“All of their spy tools have used the same tools,” said Rogers, a former FBI agent who is now a national security analyst at CNN. “All this work has come to the same conclusion: It’s all about access to administration, and the management episodes from Beijing are not to be trusted.”
Also Read: Israeli NSO spyware used to hack US State Department officials
Many people familiar with Australian intelligence have told Bloomberg that they were bound by confidentiality agreements and could not discuss it in the records. But Michèle Flournoy, a former policy secretary of defense in the Department of Defense under President Barack Obama, said he was not compelled to do so.
Flournoy, co-founder and managing partner of WestExec Advisors LLC, a national security company affiliated with the Obama and Biden administration, has confirmed the influx and disrupted software updates from Huawei. He said he read about the episode after leaving the government in early 2012, stressing that the information was distributed in unfamiliar forums.
“Australians from the beginning have had the courage to share their knowledge, not only on intelligence channels but also on government channels,” Flournoy said. “Australia experienced it, but it was also a call to awaken Australian partners.”
The Australian Signals Directorate, the country’s leading cybersecurity agency, declined to comment on the incident. “Whenever ASD detects an online incident affecting a business, it contacts the appropriate organization to provide advice and assistance,” the statement said. “ASD support is confidential – it is a matter for organizations to comment publicly on any cybersecurity incident.”
“Australia is not the only one facing threats from cybercriminals,” the organization said, noting that the government “has joined forces with others in the world to raise serious concerns about cybercrime acts by the Chinese Ministry of Homeland Security.”
In the U.S., the Federal Bureau of Investigation, National Security Agency, Cybersecurity and Infrastructure Security Agency and the National Counterintelligence and Security Center declined to comment.
Bloomberg did not find any evidence that Huawei’s top leadership was involved or aware of the attack. Huawei declined to comment. “It is difficult to comment on the speculation and the ‘top sources’ that are not quoted,” John Suffolk, Huawei’s global cybersecurity chief, said in a statement. “It is also difficult to comment on general terms such as ‘Australian communications,’ ‘software updates,’ ‘resources,’ etc.
However, he added, “no concrete evidence has ever been produced of any unintentional sin of any kind.”
Suffolk said Huawei experts can access networks only if customers authorize them, and that customers control when updates are installed on their systems. He said Huawei considered its employees to be at risk as a “legal threat” and was taking precautionary measures, including limiting access to source code and using “corruption prevention measures” to monitor harassment. “We are keeping a close eye on all our engineers. Where the law allows, we do more research, ”he said. “We control the software and equipment they use, and compliance training is required every year.”
Suffolk said Huawei is urging governments, consumers and the “security ecosystem” to review their products and look at the risks, and “it is this openness and transparency that acts as a great protector.”
Also Read: Apple reveals which diplomats were hacked by Pegasus
China’s Foreign Ministry said in a statement that the country “opposes and will deal with any form of cyberattack and cybercrime activities in accordance with the law, let alone the promotion of, support or conspiracy to commit fraud.”
“Australia’s slander against China by launching a cyberattack attack and espionage is like a thief who cries out to catch a thief. This type of slander in another region is an act that does not care about China which we strongly oppose, ”the department said. “We urge Australia not to misuse the word ‘national security’ and place unfounded allegations and unreasonable pressure on Huawei and other Chinese companies.”
How China Uses Huawei Access Australian Network Network, Former Security Officials Say
An unprecedented violation of the law since 2012 is still significant evidence in the U.S., Australia case against Huawei
Huawei was founded in 1987 by former Chinese People’s Liberation Army chief Ren Zhengfei, as a sales agent for business telephone systems, and over the past three decades has grown to become the world’s largest manufacturer of telecommunications equipment, including routers. , cell-tower switches and sticks used to block voice and data traffic via mobile networks.
Huawei entered the Australian market in 2004 and formed a partnership with two national wireless network operators.
Australia’s ruling telecom – Telstra Corp. Ltd. Melbourne – has long been avoiding Huawei products, due to concerns about possible Chinese harassment and the company’s partnership with Ericson, according to three former Telstra executives. “Telstra does not have any equipment from Huawei in its network now, and we do not have it before,” the company said in a statement.
But two smaller Telstra competitors have embraced the technology.
The first and most important partner was Optus, part of Singapore Telecommunications Ltd., Singapore’s largest telecommunications company. Optus has selected Huawei to develop major infrastructure several times, since 2005 with a subscription to digital subsidiaries of digital subsidiaries. Optus later selected Huawei in 2007 to provide part of its national 3G wireless network and in 2012 part of its 4G network. In addition to being Australia’s second largest carrier, Optus also operates the country’s largest satellite network, and works closely with Australian troops.
Huawei’s other key partner in Australia was Vodafone Hutchison Australia, the third largest mobile company in the country. It selected Huawei to upgrade all of its 2G and 3G infrastructure in 2011 and later parts of its 4G networks.
The identity of the telecom affected by the Australian law violations was not widely shared at a meeting of Australian and US intelligence officials, according to people who received it. But a former US intelligence officer and former Australian communications officer who worked in the national security department said they had been told it was Optus.
Optus disputed the information. “Optus has a strong track record of providing reliable and secure services, including large government agencies. This was presented in close co-operation with the government and in strict adherence to its security advice, ”the company said in a statement. “Optus considers security to be a priority. Any instances of infringement or merchant misconduct will be considered in our network investment decisions, but we are not aware of any suspected incidents. ”
After the merger of 2020, Vodafone Hutchison Australia became TPG Telecom Ltd. The company said it was unaware of the attack. “We can confirm that there was no such malware on our network, and we have never heard of this alleged incident in connection with any Australian networks,” the company said in a statement. “We adhere to all guidelines and advice from the Australian government regarding national security.”
Since 2010, Australian and US officials have been shocked by two factors: an increase in the number of robberies from China and Huawei’s growing role in their international communication systems, according to Michael Wessel, who has been a director for more than 20 years. commissioner to the Commission established by the US-China Economic and Security Review Commission.
The commission assesses the implications of national security on trade and economic relations between the two countries and reports on its recommendations.
Countries began investigating whether there were any such hacks back in Huawei’s machines, he said.
“When a locksmith puts extra locks on doors in the public eye and a sudden burglary occurs, sometimes the locksmith becomes an interested person,” said Wessel. “Huawei at the time was an important and interesting organization.”
By that time, the NSA had already entered Huawei’s social media platforms in China, seeking evidence of any links between the Chinese company and the military, according to documents leaked by former NSA contractor Edward Snowden and published in headlines in 2014. Under a program called Shotgiant, the US monitored the email accounts of Huawei employees, including Ren, the company’s founder. The NSA also looked at ways to exploit Huawei products on Chinese-made networks in countries considered to be the top intelligence agencies, including Afghanistan, Cuba, Iran, Kenya and Pakistan, according to documents and articles.
Huawei ‘s Suffolk said in a statement that “no such evidence has ever been presented that shows that Huawei was not very professional and that our founder Mr. Ren has a lot of annoying emails.”
Concerned about possible intrusion into its communications systems, Australia began to take a tough line to Huawei and China. In particular, Australia barred Huawei from participating in a major project to build a national broadband network, an unexpected decision that caused a stir when news broke out in early 2012. Prime Minister Julia Gillard said the decision involved “national security issues” that she could not discuss. Gillard declined to comment on the matter.
At the same time, Australia discovered a violation of the law – a rare find given hackers’ attempts to shut down their tracks.
Seven former officials who gave detailed accounts of their forums said Australian intelligence agencies had received suspicious traffic from the country’s communications system to China, a lead that has led to Huawei’s machinery. Investigators found access to some of the infected programs, but they arrived too late. Digital forensics statistics in those programs revealed only fragments of malicious code, and investigators reconstructed the attack using a variety of sensitive sources, including human spies and secret interviews, former officials said.
The attackers confiscated all the information that flowed through the machine during a short malware operation, former officials said. The details of those who provided access to private communications content and information that could be used to identify specific people or resources in future attacks, said former officials. Bloomberg could not learn what, if any, the attackers would do.
And in 2012, when Australian officials informed U.S. agencies about the violation, a House of Representatives intelligence committee published the findings that Chinese intelligence “has a” rich economy “of disrupting products from Huawei and a similar company, ZTE. Corp., from their design to their care for customer networks. One of these involves the so-called managed services, a common offering when companies provide ongoing support, including remote software updates, to their equipment after installation on customer sites, the report found. “Unfortunately, such contracts may also allow the contractor in charge of the service to use his or her authorized access to a malicious act under the guise of legal aid,” the report found.
Huawei and ZTE do not need to participate – or even be aware – of any of their attacks that occur with their staff positions. “Chinese intelligence services only need to hire professionals or level management at these companies” to make concessions to customer networks, the report found.
At the time, Huawei said the report “used a lot of rumors and speculation to substantiate the false allegations,” and a ZTE spokesman said after a year-long investigation, “the committee set its conclusions on finding ZTE likely to ‘be free. State influence.'” “It will apply to any company operating in China,” the spokesman said.
In the years since then, various reports have linked Huawei or its staff to spies and surveillance. In 2019, for example, the Wall Street Journal reported that Huawei experts, in at least two cases, helped African governments spy on politics, seize their secure communications, and use cell phone data to track their locations. Last year, Australian Financial Review found that Huawei was building a repository for all Papua New Guinea government data warehouses, but it contained security openings that exposed sensitive files that had been stolen. And on December 14, the Washington Post published documents from Huawei showing that the company was more involved in tracking Chinese people than it was.
Huawei has denied any reports, and the company has been disputing allegations that its products pose a security risk.
“Huawei has not had major cybersecurity incidents while working with more than 500 telecom providers, including most of the top 50 telecom operators, for almost 20 years in 170 countries to connect more than three billion people,” he said. said the company on its website. “No other vendor would want this level of cybersecurity success.”
Keith Krach, former secretary general of economic growth, energy and environment in the United States Department of State under President Donald Trump, declined to comment on certain incidents. But he confirmed that the US and its allies have for many years had evidence that China has used Huawei equipment for software updates.
“Huawei has dropped a lot of headaches that it will never install a back door on hardware – the back door means nothing because there is a front door that opens daily with software,” he said. “Huawei software updates can press any code they want on those devices, whenever they want, without anyone knowing.”
That description of the characters is “a dream,” said Huawei’s Suffolk. “There is no normal way to update the software, patches are not pushed at his discretion and Huawei cannot control or specify when the operator decides to upgrade or integrate his network,” he said.
In Australia, after nearly a decade of hostility to the government, Huawei has relinquished many of his jobs. Last year, the company announced a $ 100 million reduction in its investment in Australia and the loss of more than 1,000 local jobs, according to Financial Review. An important factor behind the ban on 5G, reports the Sydney Morning Herald, is intelligence testing that the risks associated with Huawei products were so great that it would have to be reduced by more than 300 different risks for safe use.
In a statement from Huawei in Bloomberg, the company said former Australian Prime Minister Malcolm Turnbull had publicly stated that “no evidence has been provided to show that Huawei did wrong in Australia.” In his memorandum, published in 2020, Turnbull wrote that the 5G ban against his superiors against Huawei “was a fence against the oncoming threat, not the identification of a smoking gun, but a loaded one.”
Turnbull, in a statement to Bloomberg, declined Huawei’s description. “That ‘s not what I said – I did not comment on whether evidence of Huawei’s misconduct was presented or seen,” he said. “So, if you like, I wouldn’t comment at all on that point.”
Turnbull declined to comment on the 2012 incident or any other intelligence related to Huawei.
Australia continues to face the fall of challenging China in a number of issues, including Huawei.
China has imposed a one-sided tax on Australian property, and Chinese hijackers have targeted Australian institutions with endless attacks since the country called last year to investigate the origins of Covid-19. Australia also announced an agreement in September with the US to build nuclear submarines, a challenge to China’s military growth that has exacerbated regional tensions.
Flournoy, a former Obama administration official, said China continues to punish Australia in part for its long-standing position with Huawei, which was partially informed of violations of a country acquired nearly a decade ago.
“They did not do any ordinary thing to try to hide their danger; they talked about what happened to those close to them and raised public suspicions, ”said Flournoy. “They’re still taking the reins on it.”