U.S. communication equipments subject to China cyber espionage

Pierluigi Paganini June 10, 2012

The news is disturbing: according to former and current intelligence sources, Chinese companies have the ability to remotely access communication equipment sold to the United States and Western countries. The revelation, made by the open source intelligence company Lignet, reinforces concerns about the possible presence of backdoors in communications devices that could allow a foreign government to disable telecommunications infrastructure. According to a Pentagon analyst, China can shut down all the telecom infrastructure.

Another disturbing aspect is that the remote control capability of transmitting devices may be exploited over time for cyber espionage in both the military and civilian sectors, to steal technology, trade secrets and other confidential information.

In recent weeks, news circulated on the internet about the presence of a backdoor in a microchip used by the US military and manufactured in China. The announcement is not isolated: ZTE and Huawei were also accused of introducing stealth circuits and software to allow remote control of the devices they sell.

The suspicions are also motivated by the direct link between the companies and the Chinese government. Huawei (officially Huawei Technologies Co. Ltd.) is a Chinese multinational networking and telecommunications equipment and services company. It is the second-largest supplier of mobile telecommunications infrastructure equipment in the world (after Ericsson).

The company currently provides strategic equipment to the major nations of the world and maintains relationships with leading global technology providers.

The Chinese company has always been criticized as too close to Chinese government policy and the Chinese People’s Liberation Army. Many regard the company as being under full government control, pointing out that Ren Zhengfei, the founder of the company, served as an engineer in the Chinese People’s Liberation Army in the early 1980s.

The company has faced numerous allegations in the past: to name a few, its proximity to the government and its support for the implementation of censorship systems. Huawei has also been suspected in the past of having supported numerous cyber espionage operations and cyber attacks, such as Operation GhostNet.

Huawei, suspected of exploiting electronic telecommunications with the introduction of backdoors, continues to sell communications technology in the U.S., but its business relationships are in serious difficulty. The joint venture between Symantec and Huawei Technologies has ended because the American IT security firm feared that collaboration with the Chinese telecommunications producer could have a significant impact on its business. In particular, the US Government might not give Symantec access to its classified information. The risks are really serious: this information could be used by hostile governments in cyber attacks and cyber espionage activities in the short term. While on the domestic front the US Government, aware of its vulnerability, is defining and implementing cyber strategies aimed at strengthening its systems, the events of recent months have shown that relationships with contractors are the weakest link in the security chain. Government contractors exchange sensitive information, and it is therefore to be expected that the government seeks assurances regarding the arrangements used to manage that information.

Another reason for concern is that Iran’s security network also relies on Huawei technology, and U.S. analysts fear that the Iranians could access the same backdoor to compromise U.S. defenses.

Reuters has confirmed that ZTE Corp, the world’s No.4 handset vendor, reported that one of its mobile phone models sold in the US contains a vulnerability that could allow remote control of the handset. The backdoor affects ZTE’s Score model, based on the Android operating system; it is the first case reported on the platform, and many experts are convinced that the event is not accidental.

The presence of a backdoor once again raises the issue of hardware qualification, especially when the hardware is an integral part of a country’s critical infrastructure, such as communication systems.

The G2 Bulletin “Chinese threat: Shutdown of telecoms” reveals that the chip backdoor option could be used before military action against the US and Western countries; China has in fact been manufacturing counterfeit components that have been introduced into sensitive U.S. weapons systems.

Just a few months ago, Department of Homeland Security officials warned of weaknesses in the technology supply chain that result in the importation of devices already infected with malware, spyware, backdoors and other malicious code that leave the units vulnerable to exploitation. Backdoor malware is no longer a secret. Kill switches and backdoors could easily be hidden in internet devices by the manufacturers themselves and could be used for the purposes described above by criminals or foreign states once the devices have been deployed by their buyers.

The White House Cyber Policy Review, released earlier this year, warned that

“the emergence of new centers for manufacturing, design, and research across the globe raises concerns about the potential for easier subversion of computers and networks through subtle hardware or software manipulations. Counterfeit products have created the most visible supply problems, but few documented examples exist of unambiguous, deliberate subversions.”

“We do not want a $12 million defense interceptor’s reliability compromised by a $2 counterfeit part,” Gen. Patrick O’Reilly, director of the U.S. Missile Defense Agency said.

Consider that hardware vulnerabilities are usually very hard to detect: electronic devices could be preloaded with spyware or other malware that could be used to disable or extract data from host systems, or to use the infected device as a launch point for an attack across the network to which it is attached.

Are we sure about the origin of our hardware? What are the main problems we can face when acquiring hardware blindly?

One of the first consequences of the world economic crisis has been budget cuts in the private, public and military sectors, encouraging low-cost, off-the-shelf procurement. There has been a dramatic decline in the use of authorized resellers and parts purchased directly from the manufacturer located in the Far East. Under the new rules, government contractors were explicitly discouraged from designing systems that required the use of expensive, proprietary electronics or processors that would never be widely produced.

It is strongly advisable to perform deep analysis of the hardware we buy, also because it often becomes part of critical components or infrastructure, but it is not easy to understand and accept that hardware-based security is fundamental.
Too many people consider the word hardware synonymous with secure, and that is totally wrong.

The problem of counterfeit Chinese electronic components, installed by defense contractors without accurate prior testing and operating in U.S. military systems, is far more widespread than originally thought, because these parts are usually provided by suppliers and defense contractors located in the West that import devices from China.

These counterfeit components have been found in sensitive U.S. weapon systems such as missile systems, in night vision devices and in various military aircraft.

According to numerous reports provided by the DoD, China is considered the most active entity in cyber espionage:

“Chinese actors are the world’s most active and persistent perpetrators of economic espionage,”

“Chinese attempts to collect U.S. technological and economic information will continue at a high level and will represent a growing and persistent threat to U.S. economic security.”

“China is likely to remain an aggressive and capable collector of sensitive U.S. economic information and technologies, particularly in cyberspace,”

The risks are concrete; on many occasions the continuous attacks of Chinese state-sponsored hackers against American networks have been discussed. Officials from the FBI, the Department of Homeland Security and the Justice Department’s national security division compose a special group named “Team Telecom,” in charge of reviewing FCC applications by foreign-owned companies. The problem is really critical: on one side there is a valuable business opportunity, on the other the security of the nation; for this reason the group has to define a proper agreement that preserves both needs. Under discussion is the routing of traffic from US carriers (e.g. Verizon Communications Inc. or AT&T Inc) on networks whose management is licensed by China Mobile.

Personally, I feel the concerns of U.S. security experts are very justified; the risk of espionage is real and must be managed with the utmost care to avoid catastrophic consequences. I’m more worried about the hardware that is destined for mass consumption and therefore cannot, for obvious reasons, be subjected to strict controls: units for cars, home automation systems, control units for anti-theft devices, network devices for domestic and small business use. In these areas, it is relatively easy to infiltrate modified hardware, simply drill a discounted cost. For consumer goods, customs are not equipped for the validation of hardware, and we consider that similar devices may also be modified once they arrive at the distributors. The chain is objectively difficult to control.

Pierluigi Paganini

 

