The Chinese government reportedly has "pervasive access" to some 80 percent of the world's communications, thanks to backdoors it has ordered to be installed in devices made by Huawei and ZTE Corporation. That's according to sources cited by Michael Maloof, a former senior security policy analyst in the Office of the Secretary of Defense, who now writes for WND:
In 2000, Huawei was virtually unknown outside China, but by 2009 it had grown to be one of the largest, second only to Ericsson.
As a consequence, sources say that any information traversing "any" Huawei equipped network isn't safe unless it has military encryption. One source warned, "even then, there is no doubt that the Chinese are working very hard to decipher anything encrypted that they intercept."
Sources add that most corporate telecommunications networks use "pretty light encryption" on their virtual private networks, or VPNs.
I found about Maloof's report via this week's edition of The CyberJungle podcast. Here's my rough transcription of what he says, at about 18 minutes and 30 seconds:
The Chinese government and the People's Liberation Army are so much into cyberwarfare now that they have looked at not just Huawei but also ZTE Corporation as providing through the equipment that they install in about 145 countries around in the world, and in 45 of the top 50 telecom centers around the world, the potential for backdooring into data. Proprietary information could be not only spied upon but also could be altered and in some cases could be sabotaged.
That's coming from technical experts who know Huawei, they know the company and they know the Chinese. Since that story came out I've done a subsequent one in which sources tell me that it's giving Chinese access to approximately 80 percent of the world telecoms and it's working on the other 20 percent now.
Even if you manage to avoid Chinese products (good luck!), your firm still isn't safe. That's because the electronic intrusions are supposedly done remotely through the use of the commercial networks set up by Huawei and ZTE that they have established in numerous countries. For example, companies communicating using VPNs with partner companies in countries where Huawei and ZTE have installed network equipment are potentially compromised, according to Maloof's sources.
Not only do Huawei and ZTE power telecom infrastructure all around the world, but they're still growing. The two firms are the main beneficiaries for vtelecommunication projects taking place in Malaysia with DiGi, Globe in the Philippines, Megafon in Russia, Etisalat in the United Arab Emirates, America Movil in a number of countries, Tele Norte in Brazil, and Reliance in India.
These deals are being struck because the equipment produced by Huawei and ZTE Corporation is reportedly subsidized by the Chinese government. State-backed Chinese banks supply national telecommunications infrastructure and don't seek payment on any of the equipment for years, according to Maloof's sources. This makes them very attractive since Western companies cannot compete with their prices for domestic and international development projects.
This is a lot to digest, and these claims seem a little crazy to me. Don't get me wrong; it would not surprise me in the slightest if the Chinese government had backdoor access via products made by some of its companies. After all, this not a new story:
I just find it a little hard to believe that it's so widespread. What do you think?
- Richard Clarke: China has hacked every major US company
- US and China test response capabilities via cyber war games
- Hacktivists stole 100 million records in 2011
- China admits Anonymous hacks
- Anonymous wants to take down the Great Firewall of China
- Anonymous hacks hundreds of Chinese government sites
- Chinese hacker arrested for leaking 6 million logins