Wednesday 26 March 2014

US hacked servers at Chinese firm Huawei and scoured email database

huawei-sign-logo
The National Security Agency (NSA) hacked into the servers of Chinese telecoms giant Huawei and accessed the source code at the heart of its products, according to reports.
The New York Times and Der Spiegel said documents from ex-CIA worker Edward Snowden showed that the spy agency went to great lengths to infiltrate the servers of Huawei, and had great success.
Der Spiegel said the US gained access to the source code at the heart of key Huawei products as well as information on 1,400 customers and internal documents on training given to its product engineers.
Such widespread knowledge and access to its source code allowed the US to read emails sent by all staff at the firm, which are routed through the firm's key servers in Shenzhen, including those of CEO Ren Zhengfei.
"We currently have good access and so much data that we don't know what to do with it," states one internal NSA document, according to Der Spiegel.
The document reportedly states that the reason for the large-scale effort against Huawei was due to the “unique” threat it could pose to the US, given its dominance in the telecoms market that gives it such large-scale insight to global web traffic.
"Huawei's widespread infrastructure will provide the PRC [People's Republic of China] with SIGINT [signals intelligence] capabilities."
Huawei hit back at the revelations in a statement criticising the US: "If the actions in the report are true Huawei condemns such activities that invaded and infiltrated into our internal corporate network and monitored our communication."
It also moved to reassure customers that its equipment and networks were free from interference, secure and not under threat.
"The security and integrity of our corporate network and our products are our highest priorities. That is the reason why we have an end-to-end security assurance system and why we are continuously working to enhance that system," it said.
"Like other enterprises, we continuously block, clean and reinforce our infrastructure from cyber threats."
The revelations come amid ongoing tensions between the US and China in the cyber arena, with China accused of targeting US firms on several occasions. Mandiant uncovered 141 attacks against US companies in February 2013.
Publicly, though, both nations have always downplayed any animosity and claimed they share common goals online. Whether this public show of unity lasts after the latest revelations remains to be seen.

No comments:

Post a Comment