转载,仅供批判用 https://www.bloomberg.com/news/articles/2021-12-16/chinese-spies-accused-of-using-huawei-in-secret-australian-telecom-hack Chinese Spies Accused of Using Huawei in Secret Australia Telecom Hack Software update loaded with malicious code is key evidence in years-long push to block Huawei, officials say By Jordan Robertson and Jamie Tarabay December 16, 2021, 6:00 PM EST The U.S. government has warned for years that products from China’s Huawei Technologies Co., the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them. As Washington has waged a global campaign to block the company from supplying state-of-the-art 5G wireless networks, Huawei and its supporters have dismissed the claims as lacking evidence. Now a Bloomberg News investigation has found a key piece of evidence underpinning the U.S. efforts — a previously unreported breach that occurred halfway around the world nearly a decade ago. In 2012, Australian intelligence officials informed their U.S. counterparts that they had detected a sophisticated intrusion into the country''s telecommunications systems. It began, they said, with a software update from Huawei that was loaded with malicious code. The breach and subsequent intelligence sharing was confirmed by nearly two dozen former national security officials who received briefings about the matter from Australian and U.S. agencies from 2012 to 2019. The incident substantiated suspicions in both countries that China used Huawei equipment as a conduit for espionage, and it has remained a core part of a case they’ve built against the Chinese company, even as the breach’s existence has never been made public, the former officials said. 系统提示:若遇到视频无法播放请点击下方链接 https://www.youtube.com/embed/https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html#goog_1785447508 Chinese Spies Accused of Using Huawei in Secret Telecom Hack
WATCH: Chinese Spies Accused of Using Huawei in Secret Telecom Hack The episode helps clarify previously opaque security concerns driving a battle over who will build 5G networks, which promise to bring faster internet connectivity to billions of people around the globe.[/iframe] The identity of the telecom impacted by the breach in Australia wasn''t shared widely in the briefings by Australian and U.S. intelligence officials, according to the people who received them. But a former senior U.S. intelligence official and a former Australian telecommunications executive who worked in a national security role said they were told it was Optus. Optus disputed the information. “Optus has a strong track record of providing trusted and secure services, including to major government agencies. These are delivered in close collaboration with government and with strict adherence to its advice on security matters,” the company said in a statement. “Optus takes security very seriously. Any incidents of breaches or inappropriate vendor behavior would be taken into account in our network investment decisions, but we have no knowledge of the alleged incidents.” After a 2020 merger, Vodafone Hutchison Australia became TPG Telecom Ltd. The company said it wasn’t aware of an attack. “We can confirm that there was no such malware in our network, and we have never heard of this alleged incident in respect of any Australian networks,” the company said in a statement. “We comply with all directions and advice from the Australian government in relation to national security.” Starting around 2010, officials in Australia and the U.S. had grown alarmed by two trends: the rising number of hacking attacks from China and Huawei’s expanding role in their countries’ telecommunications systems, according to Michael Wessel, who for more than 20 years has been a commissioner on the congressionally created U.S.-China Economic and Security Review Commission. The commission examines national security implications of the trade and economic relationships between the two countries and reports its recommendations. The countries began investigating whether any of those hacks traced back to Huawei equipment, he said. “If there’s a locksmith who’s installing more and more locks on the doors in a community and suddenly there’s a rash of silent robberies, at some point the locksmith becomes a person of interest,” Wessel said. “Huawei around that time became a significant entity of interest.” Michael Wessel, a commissioner on the U.S.-China Economic and Security Review CommissionPhotographer: Andrew Harrer/Bloomberg By that point, the NSA had already penetrated Huawei’s corporate networks in China, looking for evidence of any links between the company and China’s military, according to documents leaked by former NSA contractor Edward Snowden and published in news articles in 2014. Under a program called Shotgiant, the U.S. monitored e-mail accounts belonging to Huawei employees including Ren, the company’s founder. NSA also looked for ways to exploit Huawei products in Chinese-built networks in countries considered high-priority intelligence targets, including Afghanistan, Cuba, Iran, Kenya and Pakistan, according to the documents and articles. Huawei’s Suffolk said in his statement that “no such evidence was ever presented that demonstrated Huawei was anything other than highly professional and that our founder Mr. Ren has many, many boring e-mails.” Concerned about potential intrusion into its communications systems, Australia began taking a harder line on Huawei and China. In particular, Australia blocked Huawei from participating in massive project to build a nationwide broadband network, a surprise decision that triggered a diplomatic uproar when the news leaked in early 2012. Then-Prime Minister Julia Gillard said the decision involved “national security matters” that she couldn’t discuss. Gillard declined to comment for this story. Julia Gillard, former prime minister of AustraliaPhotographer: Mark Graham/Bloomberg Around that time, Australia discovered the breach — an extraordinary find given the hackers'' efforts to cover their tracks. The seven former officials who provided detailed accounts of their briefings said that Australia’s intelligence agencies had detected suspicious traffic flowing from the country’s telecommunications systems to China, a trail that led to Huawei equipment. Investigators gained access to some of the infected systems, but they arrived too late. Digital forensics on those systems revealed only fragments of the malicious code’s existence, and investigators reconstructed the attack using a variety of sensitive sources, including human informants and secretly intercepted conversations, the former officials said. The attackers had siphoned all the data flowing through the equipment during the malware''s short window of operation, the former officials said. The data gave them access to the contents of private communications and information that could be used to target specific people or devices in future attacks, the former officials said. Bloomberg was unable to learn what, if anything, the attackers did with it. Also in 2012, around the time Australian officials were briefing U.S. agencies about the breach, the intelligence committee of the House of Representatives published findings that China’s spy services had a “wealth of opportunities” to tamper with products from Huawei and a similar company, ZTE Corp., from their design to their maintenance on customer networks. One of those involves so-called managed services, a common offering where companies provide ongoing support, including remote software updates, for their equipment after it’s installed at customer sites, the report found. “Unfortunately, such contracts may also allow the managed-service contractor to use its authorized access for malicious activity under the guise of legitimate assistance,” the report found. Huawei and ZTE don’t need to be a participant in — or even be aware of — any attacks for them to occur through their employee ranks. “Chinese intelligence services need only recruit working-level technicians or managers in these companies” to carry out compromises of customer networks, the report found. At the time, Huawei said the report “employs many rumors and speculations to prove nonexistent accusations,” while a ZTE spokesman said that after a year-long investigation, “the committee rests its conclusions on a finding that ZTE may not be ‘free of state influence.’” That standard “would apply to any company operating in China,” the spokesman said. In the years since then, various reports have linked Huawei or its employees to spying and surveillance. In 2019, for example, the Wall Street Journal reported that Huawei technicians, in at least two instances, helped African governments spy on political opponents, intercepting their encrypted communications and using cellphone data to track their locations. Last year, Australia’s Financial Review found that Huawei built a facility to store the entire data archive for the Papua New Guinea government, but it contained glaring security gaps that exposed sensitive files to being stolen. And on Dec. 14, the Washington Post published documents from Huawei showing thatthe company has played a broader role in tracking China’s populace than it has acknowledged. Huawei denied each of the reports, and the company has consistently pushed back against allegations that its products pose a security risk. “Huawei has not had any major cybersecurity incidents while working with more than 500 telecom providers, including most of the top 50 telecom operators, for nearly 20 years in 170 countries to connect more than 3 billion people,” the company says on its website. “No other vendor can claim this level of cybersecurity success.” Keith Krach, former under secretary for economic growth, energy and the environment at the U.S. Department of StatePhotographer: Jim McAuley/Bloomberg Keith Krach, the former under secretary for economic growth, energy and the environment at the U.S. Department of State under President Donald Trump, declined to discuss specific incidents. But he confirmed that the U.S. and its allies have had evidence for years that China has manipulated Huawei equipment through software updates. “Huawei has thrown a lot of head fakes by saying it would never put a back door in the hardware — a back door means nothing because there''s a front door that''s open every day through software,” he said. “Huawei’s software updates can push whatever code they want into those machines, whenever they want, without anyone knowing.” That characterization is a “fantasy,” said Huawei’s Suffolk. “There is not a general software update mechanism, patches are not pushed at will and Huawei has no control or say when an operator decides to upgrade or patch their network,” he said. In Australia, after nearly a decade of hostility with the government, Huawei has abandoned many of its operations. Last year, the company revealed a $100 million financial cut to its Australian investment and more than 1,000 local job losses, according to the Financial Review. A key factor behind that 5G ban, the Sydney Morning Herald reported, was an intelligence assessment that the vulnerabilities associated with Huawei products were so severe that more than 300 separate risks would need to be mitigated in order to use it securely. In Huawei’s statement to Bloomberg, the company said that former Australian Prime Minister Malcolm Turnbull publicly stated that “no evidence had been provided to demonstrate that Huawei had undertaken anything untoward in Australia.” In his memoir, which was published in 2020, Turnbull wrote that his administration''s 5G ban against Huawei was a “hedge against a future threat, not the identification of a smoking gun, but a loaded one.” Turnbull, in a statement to Bloomberg, rejected Huawei''s characterization. “That is not what I have said — I made no comment as to whether evidence of untoward conduct by Huawei had been presented or observed,” he said. “So I was, if you like, deliberately making no comment on that point at all.” Turnbull declined to comment about the 2012 incident or any other intelligence matters related to Huawei. Australia continues to deal with the fallout from challenging China on a range of issues, including Huawei. Malcolm Turnbull, former prime minister of AustraliaPhotographer: Mark Graham/Bloomberg China has imposed damaging one-sided tariffs on Australian commodities, and Chinese hackers have targeted Australian institutions with relentless attacks since the country called last year for an independent probe into the origins of Covid-19. Australia also announced a pact in September with the U.S. to build nuclear-powered submarines, a challenge to China’s growing military presence that has further heightened tensions in the region. Flournoy, the former Defense Department official under Obama, said China continues to punish Australia in part because of it longstanding position on Huawei, which was informed in part by the breach the country discovered nearly a decade ago. “They didn’t do the typical thing of trying to hide the vulnerability; they talked about what happened with their closest allies and took a public stand,” Flournoy said. “They are still taking a hit for it.” — With assistance by Michael Riley, and Christopher Cannon (Updates to give Christopher Cannon an assist)
简单看了一眼, 给个Summary:美国和澳大利亚情报机构在2012年发现华为利用upgrade的code进行间谍活动。但是“受害者”不承认。 The identity of the telecom impacted by the breach in Australia wasn''''t shared widely in the briefings by Australian and U.S. intelligence officials, according to the people who received them. But a former senior U.S. intelligence official and a former Australian telecommunications executive who worked in a national security role said they were told it was Optus. Optus disputed the information. “Optus has a strong track record of providing trusted and secure services, including to major government agencies. These are delivered in close collaboration with government and with strict adherence to its advice on security matters,” the company said in a statement. “Optus takes security very seriously. Any incidents of breaches or inappropriate vendor behavior would be taken into account in our network investment decisions, but we have no knowledge of the alleged incidents.” 10年前2012年的冷饭现在又拿出来炒一遍。 华为间谍这么多年了, 居然找不到新的令人信服的证据, 真是很奇怪。其实这种冷饭炒作还不如不炒,效果相反。
https://www.bloomberg.com/news/articles/2021-12-16/chinese-spies-accused-of-using-huawei-in-secret-australian-telecom-hack
Chinese Spies Accused of Using Huawei in Secret Australia Telecom Hack Software update loaded with malicious code is key evidence in years-long push to block Huawei, officials say By Jordan Robertson and Jamie Tarabay December 16, 2021, 6:00 PM EST
The U.S. government has warned for years that products from China’s Huawei Technologies Co., the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them. As Washington has waged a global campaign to block the company from supplying state-of-the-art 5G wireless networks, Huawei and its supporters have dismissed the claims as lacking evidence. Now a Bloomberg News investigation has found a key piece of evidence underpinning the U.S. efforts — a previously unreported breach that occurred halfway around the world nearly a decade ago. In 2012, Australian intelligence officials informed their U.S. counterparts that they had detected a sophisticated intrusion into the country''s telecommunications systems. It began, they said, with a software update from Huawei that was loaded with malicious code. The breach and subsequent intelligence sharing was confirmed by nearly two dozen former national security officials who received briefings about the matter from Australian and U.S. agencies from 2012 to 2019. The incident substantiated suspicions in both countries that China used Huawei equipment as a conduit for espionage, and it has remained a core part of a case they’ve built against the Chinese company, even as the breach’s existence has never been made public, the former officials said.
系统提示:若遇到视频无法播放请点击下方链接
https://www.youtube.com/embed/https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html#goog_1785447508
Chinese Spies Accused of Using Huawei in Secret Telecom Hack
WATCH: Chinese Spies Accused of Using Huawei in Secret Telecom Hack The episode helps clarify previously opaque security concerns driving a battle over who will build 5G networks, which promise to bring faster internet connectivity to billions of people around the globe.[/iframe]
The identity of the telecom impacted by the breach in Australia wasn''t shared widely in the briefings by Australian and U.S. intelligence officials, according to the people who received them. But a former senior U.S. intelligence official and a former Australian telecommunications executive who worked in a national security role said they were told it was Optus. Optus disputed the information. “Optus has a strong track record of providing trusted and secure services, including to major government agencies. These are delivered in close collaboration with government and with strict adherence to its advice on security matters,” the company said in a statement. “Optus takes security very seriously. Any incidents of breaches or inappropriate vendor behavior would be taken into account in our network investment decisions, but we have no knowledge of the alleged incidents.” After a 2020 merger, Vodafone Hutchison Australia became TPG Telecom Ltd. The company said it wasn’t aware of an attack. “We can confirm that there was no such malware in our network, and we have never heard of this alleged incident in respect of any Australian networks,” the company said in a statement. “We comply with all directions and advice from the Australian government in relation to national security.” Starting around 2010, officials in Australia and the U.S. had grown alarmed by two trends: the rising number of hacking attacks from China and Huawei’s expanding role in their countries’ telecommunications systems, according to Michael Wessel, who for more than 20 years has been a commissioner on the congressionally created U.S.-China Economic and Security Review Commission. The commission examines national security implications of the trade and economic relationships between the two countries and reports its recommendations.
The countries began investigating whether any of those hacks traced back to Huawei equipment, he said. “If there’s a locksmith who’s installing more and more locks on the doors in a community and suddenly there’s a rash of silent robberies, at some point the locksmith becomes a person of interest,” Wessel said. “Huawei around that time became a significant entity of interest.”
Michael Wessel, a commissioner on the U.S.-China Economic and Security Review CommissionPhotographer: Andrew Harrer/Bloomberg By that point, the NSA had already penetrated Huawei’s corporate networks in China, looking for evidence of any links between the company and China’s military, according to documents leaked by former NSA contractor Edward Snowden and published in news articles in 2014. Under a program called Shotgiant, the U.S. monitored e-mail accounts belonging to Huawei employees including Ren, the company’s founder. NSA also looked for ways to exploit Huawei products in Chinese-built networks in countries considered high-priority intelligence targets, including Afghanistan, Cuba, Iran, Kenya and Pakistan, according to the documents and articles. Huawei’s Suffolk said in his statement that “no such evidence was ever presented that demonstrated Huawei was anything other than highly professional and that our founder Mr. Ren has many, many boring e-mails.”
Concerned about potential intrusion into its communications systems, Australia began taking a harder line on Huawei and China. In particular, Australia blocked Huawei from participating in massive project to build a nationwide broadband network, a surprise decision that triggered a diplomatic uproar when the news leaked in early 2012. Then-Prime Minister Julia Gillard said the decision involved “national security matters” that she couldn’t discuss. Gillard declined to comment for this story.
Julia Gillard, former prime minister of AustraliaPhotographer: Mark Graham/Bloomberg Around that time, Australia discovered the breach — an extraordinary find given the hackers'' efforts to cover their tracks. The seven former officials who provided detailed accounts of their briefings said that Australia’s intelligence agencies had detected suspicious traffic flowing from the country’s telecommunications systems to China, a trail that led to Huawei equipment. Investigators gained access to some of the infected systems, but they arrived too late. Digital forensics on those systems revealed only fragments of the malicious code’s existence, and investigators reconstructed the attack using a variety of sensitive sources, including human informants and secretly intercepted conversations, the former officials said. The attackers had siphoned all the data flowing through the equipment during the malware''s short window of operation, the former officials said. The data gave them access to the contents of private communications and information that could be used to target specific people or devices in future attacks, the former officials said. Bloomberg was unable to learn what, if anything, the attackers did with it.
Also in 2012, around the time Australian officials were briefing U.S. agencies about the breach, the intelligence committee of the House of Representatives published findings that China’s spy services had a “wealth of opportunities” to tamper with products from Huawei and a similar company, ZTE Corp., from their design to their maintenance on customer networks. One of those involves so-called managed services, a common offering where companies provide ongoing support, including remote software updates, for their equipment after it’s installed at customer sites, the report found. “Unfortunately, such contracts may also allow the managed-service contractor to use its authorized access for malicious activity under the guise of legitimate assistance,” the report found. Huawei and ZTE don’t need to be a participant in — or even be aware of — any attacks for them to occur through their employee ranks. “Chinese intelligence services need only recruit working-level technicians or managers in these companies” to carry out compromises of customer networks, the report found. At the time, Huawei said the report “employs many rumors and speculations to prove nonexistent accusations,” while a ZTE spokesman said that after a year-long investigation, “the committee rests its conclusions on a finding that ZTE may not be ‘free of state influence.’” That standard “would apply to any company operating in China,” the spokesman said. In the years since then, various reports have linked Huawei or its employees to spying and surveillance. In 2019, for example, the Wall Street Journal reported that Huawei technicians, in at least two instances, helped African governments spy on political opponents, intercepting their encrypted communications and using cellphone data to track their locations. Last year, Australia’s Financial Review found that Huawei built a facility to store the entire data archive for the Papua New Guinea government, but it contained glaring security gaps that exposed sensitive files to being stolen. And on Dec. 14, the Washington Post published documents from Huawei showing that the company has played a broader role in tracking China’s populace than it has acknowledged. Huawei denied each of the reports, and the company has consistently pushed back against allegations that its products pose a security risk.
“Huawei has not had any major cybersecurity incidents while working with more than 500 telecom providers, including most of the top 50 telecom operators, for nearly 20 years in 170 countries to connect more than 3 billion people,” the company says on its website. “No other vendor can claim this level of cybersecurity success.”
Keith Krach, former under secretary for economic growth, energy and the environment at the U.S. Department of StatePhotographer: Jim McAuley/Bloomberg Keith Krach, the former under secretary for economic growth, energy and the environment at the U.S. Department of State under President Donald Trump, declined to discuss specific incidents. But he confirmed that the U.S. and its allies have had evidence for years that China has manipulated Huawei equipment through software updates. “Huawei has thrown a lot of head fakes by saying it would never put a back door in the hardware — a back door means nothing because there''s a front door that''s open every day through software,” he said. “Huawei’s software updates can push whatever code they want into those machines, whenever they want, without anyone knowing.” That characterization is a “fantasy,” said Huawei’s Suffolk. “There is not a general software update mechanism, patches are not pushed at will and Huawei has no control or say when an operator decides to upgrade or patch their network,” he said.
In Australia, after nearly a decade of hostility with the government, Huawei has abandoned many of its operations. Last year, the company revealed a $100 million financial cut to its Australian investment and more than 1,000 local job losses, according to the Financial Review. A key factor behind that 5G ban, the Sydney Morning Herald reported, was an intelligence assessment that the vulnerabilities associated with Huawei products were so severe that more than 300 separate risks would need to be mitigated in order to use it securely. In Huawei’s statement to Bloomberg, the company said that former Australian Prime Minister Malcolm Turnbull publicly stated that “no evidence had been provided to demonstrate that Huawei had undertaken anything untoward in Australia.” In his memoir, which was published in 2020, Turnbull wrote that his administration''s 5G ban against Huawei was a “hedge against a future threat, not the identification of a smoking gun, but a loaded one.” Turnbull, in a statement to Bloomberg, rejected Huawei''s characterization. “That is not what I have said — I made no comment as to whether evidence of untoward conduct by Huawei had been presented or observed,” he said. “So I was, if you like, deliberately making no comment on that point at all.” Turnbull declined to comment about the 2012 incident or any other intelligence matters related to Huawei.
Australia continues to deal with the fallout from challenging China on a range of issues, including Huawei.
Malcolm Turnbull, former prime minister of AustraliaPhotographer: Mark Graham/Bloomberg China has imposed damaging one-sided tariffs on Australian commodities, and Chinese hackers have targeted Australian institutions with relentless attacks since the country called last year for an independent probe into the origins of Covid-19. Australia also announced a pact in September with the U.S. to build nuclear-powered submarines, a challenge to China’s growing military presence that has further heightened tensions in the region. Flournoy, the former Defense Department official under Obama, said China continues to punish Australia in part because of it longstanding position on Huawei, which was informed in part by the breach the country discovered nearly a decade ago. “They didn’t do the typical thing of trying to hide the vulnerability; they talked about what happened with their closest allies and took a public stand,” Flournoy said. “They are still taking a hit for it.”
— With assistance by Michael Riley, and Christopher Cannon (Updates to give Christopher Cannon an assist)
The identity of the telecom impacted by the breach in Australia wasn''''t shared widely in the briefings by Australian and U.S. intelligence officials, according to the people who received them. But a former senior U.S. intelligence official and a former Australian telecommunications executive who worked in a national security role said they were told it was Optus. Optus disputed the information. “Optus has a strong track record of providing trusted and secure services, including to major government agencies. These are delivered in close collaboration with government and with strict adherence to its advice on security matters,” the company said in a statement. “Optus takes security very seriously. Any incidents of breaches or inappropriate vendor behavior would be taken into account in our network investment decisions, but we have no knowledge of the alleged incidents.”
10年前2012年的冷饭现在又拿出来炒一遍。 华为间谍这么多年了, 居然找不到新的令人信服的证据, 真是很奇怪。其实这种冷饭炒作还不如不炒,效果相反。