Tuesday, May 7, 2019

When Chinese Networks Spy On Their Users

On April 30th, global wireless telecom company Vodafone went public with a statement to Bloomberg News saying that the London-based wireless provider found “hidden backdoors,” i.e. multiple security flaws in the wireless network supplied by Chinese network provider Huawei. The problem first surfaced in 2011 when Vodafone engineers found “backdoors” in Huawei broadband gateway (home router) equipment in their Italian network. Backdoors are software access points which allow the network manager (Huawei in this case), or third parties like hackers or spies, to get into the network and potentially see the private data traffic of millions of users.  

According to Bloomberg and a more in-depth report in British technology publication The Register, security tests by Vodafone in 2011 found that Huawei routers had a “hidden” backdoor that could be used by a malicious actor to take control not just of that router but of the entire network. Huawei told Vodafone it would remove the backdoor. However, subsequent tests by Vodafone later that year found it was still there. When Vodafone protested, Huawei then changed its story, saying the backdoor needed to remain for network management purposes. 

Vodafone Chief Information Security Officer Bryan Littlefair wrote up the situation this way in a 2011 report: “What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it, and now refusing to remove it as they need it to remain for ‘quality’ purposes.”

African Union
The story of spying at the African Union (AU) headquarters offers an equally worrying tale. A decade ago, a Chinese network provider built a network in the new headquarters of the African Union in Addis Ababa, Ethiopia. The African Union is a forum for the 55 nations of Africa to work together. The new 19-story glass tower headquarters was built by the China State Construction Engineering Corporation. The name of the network provider has not been revealed but the only Chinese companies capable of providing a full-service wireline and wireless network are Huawei and ZTE. The state-of-the-art network provided voice, video, and data services within the headquarters and high-speed connections to the global Internet.

According to a shocking article in French newspaper Le Monde published on January 26, 2018, African Union technology managers discovered in 2017 that the network was a giant listening device. Wrote Le Monde: “according to several internal sources, each night the secrets of this institution were copied and stored more than 8,000 kilometers from Addis Ababa on mysterious servers hosted somewhere in Shanghai.”

The espionage began in 2012 and continued nightly until 2017, when Union technology managers made the discovery. According to Le Monde and the London Financial Times (FT), which independently confirmed the story, the Union decided to avoid embarrassment by replacing the Chinese technology while publicly denying the espionage ever happened. The Union’s tech team added encryption to all their communications and stopped using Ethio Telecom, which has a reputation for electronic surveillance. According to Le Monde, when the Chinese engineers offered to configure the new servers, the AU tech managers thanked them politely—but did it themselves instead. 

One angry senior African Union official told Le Monde: “We let them bug us and we did nothing. The Chinese are here 27 hours out of 24. They planted lots of microphones and cyber-spying tools when they built the building.”

The FT pointed out that China has built much of the modern infrastructure across Africa, relying on a $60 billion aid and investment budget President Xi pledged for Africa three years ago. That infrastructure includes buildings, roads, railroads, and telecom networks. Quoting a McKinsey report, the FT said there are 10,000 Chinese companies operating in Africa. 

Writing for the Council on Foreign Relations, Africa analyst Mailyn Fidler commented last year that “the African Union’s failure to address China’s behavior demonstrates just how dramatically China’s influence has narrowed African strategic choices…if this continues, African autonomy will take a real hit.”

In another media investigation, British technology publication The Register revealed that Huawei was warned about a vulnerability in the software code in its broadband gateways (home routers) back in 2013, but took only minimal action to correct the problem.  Huawei created a software patch to fix the problem on that specific model but did not revise the software on all its broadband gateways. The result was that four years later, in 2017, Israeli Internet security experts Check Point Research found that the vulnerability was being exploited by a hacker known as Nexus Zeta. He used the vulnerability to plant the Mirai virus on Huawei home routers in the US, Italy, Egypt, and elsewhere. That virus has been used by malicious actors to take out large sections of the Internet—although in this case no major outages were reported.

It’s not clear whether Huawei dragged its feet on upgrading its broadband gateway software out of incompetence or because it had a hidden agenda for using that vulnerability. The Register sees it as “bungling” by the Chinese network provider. In a recent summary of the affair, The Register made clear its doubts about Huawei’s reliability: “British government policy is that while Huawei network equipment is not secure enough for government networks, officials say it is acceptable to expose the general public to the potential risks present in Huawei gear.”

The problem for the UK, US, and other non-Chinese governments is that there is a very limited choice of full-service network providers. A telecom company’s relationship with its network provider is akin to a marriage. The telecom company can be very demanding before it selects its network provider, but once it has agreed to work with a network provider, the two are typically stuck with each other for years. A nationwide telecom network can easily cost over $100 million and take five years or more to install. 

Even though the telecom company is the customer and writing the checks, once the network is even partially installed, the telecom company can find it hard to get the network provider to do what it wants, as quickly as it wants. Rolling out network changes or upgrades becomes a major engineering project. (Here’s another report from Britain about foot-dragging by Huawei.) For this reason, telecom companies always want to have two providers in their network, and another outsider as an alternative in case the situation gets bad enough that the telecom company wants either to threaten or actually implement a “rip and replace” to throw out one network provider. 

Aside from Huawei, there are only two truly full-service wireline and wireless network providers, Nokia of Finland and Ericsson of Sweden. US allies like Britain and Germany have refused to go along with the US request to ban Chinese providers from major networks partly because a third provider is a very useful weapon to keep the other two providers in line. While prices are always a subject of negotiation, timing issues are often more contentious. The telecom customer wants network projects, be they installations, upgrades, or fixes, to be completed quickly; the network provider often sets a schedule that is slower than the customer would like and then falls behind its own schedule.  

The British government’s decision to allow its large carriers to use Huawei in non-core parts of the network is likely an effort to offer a sop to Washington while at the same time allowing British telecom companies to keep the Chinese provider in play as a bargaining tool. 

As the above events show, this sort of compromise solution is likely to please neither the US government nor the foreign telecom companies. It’s also unlikely to deliver a truly secure service to local network users. The market needs another alternative provider, preferably one based in the US. A $50 billion-plus a year market can support a third non-Chinese option.

Also check out last year's feature on Chinese intellectual property theft:
https://www.prosperousamerica.org/top_ten_cases_of_chinese_ip_theft












