The Official Chinese 🇨🇳 Espionage & Cold War Thread
Bloomberg - Are you a robot?
Vodafone Found Hidden Backdoors in Huawei Equipment
While the carrier says the issues found in 2011 and 2012 were resolved at the time, the revelation may further damage the reputation of a Chinese powerhouse.
By
Daniele Lepido
April 30, 2019, 2:45 AM EDT Updated on April 30, 2019, 12:54 PM EDT
Vodafone Said to Have Found Huawei Security Vulnerabilities From 2009
For months, Huawei Technologies Co. has faced U.S. allegations that it flouted sanctions on Iran, attempted to steal trade secrets from a business partner and has threatened to enable Chinese spying through the telecom networks it’s built across the West.
Now Vodafone Group Plc has acknowledged to Bloomberg that it found vulnerabilities going back years with equipment supplied by Shenzhen-based Huawei for the carrier’s Italian business. While Vodafone says the issues were resolved, the revelation may further damage the reputation of a major symbol of China’s global technology prowess.
Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses, according to Vodafone’s security briefing documents from 2009 and 2011 seen by Bloomberg, as well as people involved in the situation.
Huawei’s cyber security lab in Dongguan, China.
Photographer: Qilai Shen/Bloomberg
Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained, the documents show. Vodafone also identified backdoors in parts of its fixed-access network known as optical service nodes, which are responsible for transporting internet traffic over optical fibers, and other parts called broadband network gateways, which handle subscriber authentication and access to the internet, the people said. The people asked not to be identified because the matter was confidential.
Opinion: The West Finally Has Its Huawei Smoking Gun
A backdoor, in cybersecurity terms, is a method of bypassing security controls to access a computer system or encrypted data. While backdoors can be common in some network equipment and software because developers create them to manage the gear, they can be exploited by attackers. In Vodafone’s case, the risks included possible third-party access to a customer's personal computer and home network, according to the internal documents.
The Trump administration, arguing such end-runs around security in Huawei’s equipment could invite espionage by the Chinese state, is trying to persuade Western allies to block the company from the next generation of mobile networks. Huawei has repeatedly denied that it creates backdoors and says it’s not beholden to Beijing.
Read more: The U.S. Is Losing a Major Front to China in the New Cold War
Huawei’s ability to continue winning contracts from London-based Vodafone, despite the carrier’s security concerns, underscores the challenge facing the U.S. as it tries to hinder the world’s top telecom equipment vendor and No. 2 supplier of smartphones. Huawei is vying against a stable of Western companies including Nokia Oyj and Ericsson AB to roll out fifth-generation, or 5G, wireless networks.
Vodafone has defended Huawei against the U.S. onslaught, which has placed Europe—Huawei’s largest market outside China—in the middle of a trade battle between two superpowers. At stake is leadership in key areas, principally 5G technology that’s designed to support the internet of things and new applications in industries spanning automotive, energy to healthcare. Vodafone Chief Executive Officer Nick Read has joined peers in publicly opposing any bans on Huawei from 5G rollouts, warning of higher costs and delays. The defiance shows that countries across Europe are willing to risk rankling the U.S. in the name of 5G preparedness.
The Huawei Barometer
Countries that have banned Huawei make up nearly a third of the world’s GDP
Sources: International Monetary Fund GDP data for 2018; Bloomberg
In a statement to Bloomberg, Vodafone said it found vulnerabilities with the routers in Italy in 2011 and worked with Huawei to resolve the issues that year. There was no evidence of any data being compromised, it said. The carrier also identified vulnerabilities with the Huawei-supplied broadband network gateways in Italy in 2012 and said those were resolved the same year. Vodafone also said it found records that showed vulnerabilities in several Huawei products related to optical service nodes. It didn’t provide specific dates and said the issues were resolved. It said it couldn't find evidence of historical vulnerabilities in routers or broadband network gateways beyond Italy.
“In the telecoms industry it is not uncommon for vulnerabilities in equipment from suppliers to be identified by operators and other third parties,” the company said. “Vodafone takes security extremely seriously and that is why we independently test the equipment we deploy to detect whether any such vulnerabilities exist. If a vulnerability exists, Vodafone works with that supplier to resolve it quickly.”
In a statement, Huawei said it was made aware of historical vulnerabilities in 2011 and 2012 and they were addressed at the time. A company spokesman said the flaws in the equipment related to maintenance and diagnostic functions common across the industry, as well as vulnerabilities. “There is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment.”
However, Vodafone’s account of the issue was contested by people involved in the security discussions between the companies. Vulnerabilities in both the routers and the fixed access network remained beyond 2012 and were also present in Vodafone’s businesses in the U.K., Germany, Spain and Portugal, said the people. Vodafone stuck with Huawei because the services were competitively priced, they said.
An engineer from British wireless network provider EE checks 5G masts and Huawei 5G equipment during trials in London on March 15, 2019.
Photographer: Simon Dawson/Bloomberg
While backdoors are common in home routers, they are usually fixed by manufacturers once disclosed, said Eric Evenchick, Principal Research Consultant at Atredis Partners, a U.S. based cybersecurity firm. Evenchick called the situation with Huawei’s equipment “very concerning.”
Founded in 1987, Huawei entered the European market in 2000. Landmark contracts with Britain’s BT Group Plc and Norway’s TeliaSonera helped Huawei win market share from—and eventually surpass—Nokia and Ericsson.
Vodafone started buying wifi routers from Huawei in 2008 for its Italian business and, later, for the U.K., Germany, Spain and Portugal. Routers are specialized machines that assist in directing voice and other kinds of data coursing over the internet.
Pulling Ahead
Between 2013 and 2018, Huawei increased its telecom market share by 8 percentage points
Source: Dell'Oro
2018 market share
Vodafone managers had concerns with the security of the routers almost right away. They were the topic of an internal presentation from October 2009 that pointed to 26 open bugs in the routers, six identified as “critical” and nine as “major.” Vodafone said in the report that Huawei would need to remove or inhibit a so-called telnet service—a protocol used to control devices remotely—that the carrier said was a backdoor giving Huawei access to sensitive data.
In January 2011, Vodafone Italy started a deeper probe of the routers, according to two reports from April of that year. Security testing by an independent contractor identified the telnet backdoor as the greatest concern, posing risks including giving unauthorized access to Vodafone’s broader Wide Area Network (WAN is a network that spans a large footprint). The telnet had “undocumented functionality inserted by Huawei without notifying Vodafone,” including a “hidden Telnet daemon” program giving anyone aware of the backdoor's existence the ability to take administrative control of a router. Vodafone noted that it’s an industry practice by some router manufacturers to use a telnet service to manage their equipment, but the company said it didn’t allow this.
The documents chronicle a two-month period during which Vodafone’s Italian unit discovered the telnet service, demanded its removal by Huawei and received assurances from the supplier that the problem was fixed. After further testing, Vodafone found that the telnet service could still be launched.
Vodafone said Huawei then refused to fully remove the backdoor, citing a manufacturing requirement. Huawei said it needed the telnet service to configure device information and conduct tests including on wifi, and offered to disable the service after taking those steps, according to the document.
QuicktakeHow Huawei Became a Target for Governments
“Unfortunately for Huawei the political background means that this event will make life even more difficult for them in trying to prove themselves an honest vendor,” Vodafone said in one of the April 2011 documents authored by its chief information security officer at the time, Bryan Littlefair.
“What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it, and now refusing to remove it as they need it to remain for ‘quality’ purposes,” Littlefair wrote.
Huawei declined to comment on the concerns raised by Littlefair. Littlefair didn’t respond to requests for comment.
“There’s no specific way to tell that something is a backdoor and most backdoors would be designed to look like a mistake,” said Stefano Zanero, an associate professor of computer security at Politecnico di Milano University. “That said, the vulnerabilities described in the Vodafone reports from 2009 and 2011 have all the characteristics of backdoors: deniability, access and a tendency to be placed again in subsequent versions of the code,” he said.
Huawei called software vulnerabilities “an industry-wide challenge.” In a statement, it said: “Like every ICT vendor we have a well-established public notification and patching process, and when a vulnerability is identified we work closely with our partners to take the appropriate corrective action.”
Made in China
Huawei has a lot of market share to lose in Europe, the Middle East and Africa
Source: IHS Markit
Huawei has expanded its relationship with Vodafone well beyond routers and is now its fourth-largest supplier behind Apple, Nokia and Ericsson. Huawei’s gear is found across Vodafone’s wireless networks in Europe; in the U.K., equipment from Huawei accounts for about one-third of the radio-access network, a critical piece of the infrastructure.
Some telecom companies have taken steps to limit Huawei’s exposure from the most sensitive parts of their networks, amid the added government scrutiny. In January, Vodafone’s CEO Read said the company had paused purchases of Huawei equipment for the core of its mobile networks in Europe, citing too much “noise” around the situation.
Still, carriers including Vodafone are fighting against the threat of Huawei being banned in Europe because they’ve come to rely so heavily on the supplier. Abandoning Huawei for 5G, with Europe already lagging behind China and the U.S., could force them to rip out the supplier’s 4G gear, a process that could take years and cost billions of dollars.
— With assistance by Tommaso Ebhardt, Tom Giles, Thomas Seal, Frank Connelly, and Patricia Suzara
www.bloomberg.com/opinion/articles/2019-04-30/huawei-backdoors-found-by-vodafone-are-a-smoking-gun
The West Finally Has Its Huawei Smoking Gun
It may not be enough to sway those who are already convinced of the Chinese company’s innocence.
By
Tim Culpan
April 30, 2019, 4:12 AM EDT
Look closely.
Photographer: Simon Dawson/Bloomberg
Tim Culpan is a Bloomberg Opinion columnist covering technology. He previously covered technology for Bloomberg News.
Read more opinion Follow @tculpan on Twitter
COMMENTS
LISTEN TO ARTICLE
2:50
SHARE THIS ARTICLE
Share
Tweet
Post
Email
In this article
VOD
VODAFONE GROUP
142.00
GBp
-1.36-0.95%
For more than a decade, executives, intelligence agencies and conspiracy theorists have been warning about the dangers of equipment from China’s Huawei Technologies Co.
And for almost as long, Huawei has denied that its telecommunications products pose any kind of security threat.
The West has finally found its smoking gun. Yet it may not be enough to sway those on either side of the debate.
As far back as 2009, Vodafone Group Plc — one of the world’s most powerful and far-reaching telecom companies — found hidden backdoors that could have given Huawei access to its fixed-line network in Italy, Bloomberg News’s Daniele Lepido reported Tuesday, citing security briefing documents from the London-based company.
Big Money
Vodafone spends an average 6 billion euros annually on fixed production assets
Source: Bloomberg
In a statement to Bloomberg News, Vodafone acknowledged that it had discovered such vulnerabilities.
A key point in the documents is that even after Vodafone asked Huawei to remove backdoors in its home internet routers in 2011, and received assurances that that they had been, further tests found that the vulnerabilities remained.
Giving cover to Huawei’s assertions of innocence is Vodafone itself, which said that the problems were eventually fixed and that there’s no evidence of data being compromised. The British company went a step further:
“It is not uncommon for vulnerabilities in equipment from suppliers to be identified by operators and other third parties … If a vulnerability exists, Vodafone works with that supplier to resolve it quickly.”
That’s supposed to be a comfort, I guess, but it’s not. Vulnerabilities in both routers and the fixed-access network remained, and were found elsewhere in Europe. Vodafone stuck with Huawei because its services were competitively priced, Lepido reported.
Telecom operators have a vested interest in ensuring their networks are secure, only allowing access that is authorized and logged. They provide services to corporations and governments that demand security, and losing their trust risks losing business.
Yet Vodafone and its peers also have an interest in ensuring Huawei doesn’t get banned from bidding for contracts. The Chinese company’s entry into the market gave carriers more choice beyond a select group of European and North American suppliers.
Expansion Plans
Huawei's sales of equipment to telecom operators and enterprises continue to climb as the Chinese company extends its global reach
Source: Huawei, Bloomberg
Having Huawei, or its compatriot ZTE Corp., taken off the tender list reduces operators’ bargaining power even if they lean toward a Western option. That’s among the reasons we’ve seen telecom executives play down the risks and even defend Huawei. Money is a powerful incentive, and a penny saved is a penny earned.
Expect Huawei proponents and telecom operators to dismiss this revelation as an aberration that proves nothing. Huawei’s newly invigorated PR machine will whip into overdrive, and Chinese authorities will spin the report as propaganda. Meanwhile, Western politicians will crow “I told you so.”
When the stakes — financial, political and security-related — are so high, even a smoking gun may not be enough for a guilty verdict.
This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.
To contact the author of this story:
Tim Culpan at tculpan1@bloomberg.net
To contact the editor responsible for this story:
Matthew Brooker at mbrooker1@bloomberg.net
The West Finally Has Its Huawei Smoking Gun
It may not be enough to sway those who are already convinced of the Chinese company’s innocence.
By
Tim Culpan
April 30, 2019, 4:12 AM EDT
Look closely.
Photographer: Simon Dawson/Bloomberg
Tim Culpan is a Bloomberg Opinion columnist covering technology. He previously covered technology for Bloomberg News.
Read more opinion Follow @tculpan on Twitter
COMMENTS
LISTEN TO ARTICLE
2:50
SHARE THIS ARTICLE
Share
Tweet
Post
In this article
VOD
VODAFONE GROUP
142.00
GBp
-1.36-0.95%
For more than a decade, executives, intelligence agencies and conspiracy theorists have been warning about the dangers of equipment from China’s Huawei Technologies Co.
And for almost as long, Huawei has denied that its telecommunications products pose any kind of security threat.
The West has finally found its smoking gun. Yet it may not be enough to sway those on either side of the debate.
As far back as 2009, Vodafone Group Plc — one of the world’s most powerful and far-reaching telecom companies — found hidden backdoors that could have given Huawei access to its fixed-line network in Italy, Bloomberg News’s Daniele Lepido reported Tuesday, citing security briefing documents from the London-based company.
Big Money
Vodafone spends an average 6 billion euros annually on fixed production assets
Source: Bloomberg
In a statement to Bloomberg News, Vodafone acknowledged that it had discovered such vulnerabilities.
A key point in the documents is that even after Vodafone asked Huawei to remove backdoors in its home internet routers in 2011, and received assurances that that they had been, further tests found that the vulnerabilities remained.
Giving cover to Huawei’s assertions of innocence is Vodafone itself, which said that the problems were eventually fixed and that there’s no evidence of data being compromised. The British company went a step further:
“It is not uncommon for vulnerabilities in equipment from suppliers to be identified by operators and other third parties … If a vulnerability exists, Vodafone works with that supplier to resolve it quickly.”
That’s supposed to be a comfort, I guess, but it’s not. Vulnerabilities in both routers and the fixed-access network remained, and were found elsewhere in Europe. Vodafone stuck with Huawei because its services were competitively priced, Lepido reported.
Telecom operators have a vested interest in ensuring their networks are secure, only allowing access that is authorized and logged. They provide services to corporations and governments that demand security, and losing their trust risks losing business.
Yet Vodafone and its peers also have an interest in ensuring Huawei doesn’t get banned from bidding for contracts. The Chinese company’s entry into the market gave carriers more choice beyond a select group of European and North American suppliers.
Expansion Plans
Huawei's sales of equipment to telecom operators and enterprises continue to climb as the Chinese company extends its global reach
Source: Huawei, Bloomberg
Having Huawei, or its compatriot ZTE Corp., taken off the tender list reduces operators’ bargaining power even if they lean toward a Western option. That’s among the reasons we’ve seen telecom executives play down the risks and even defend Huawei. Money is a powerful incentive, and a penny saved is a penny earned.
Expect Huawei proponents and telecom operators to dismiss this revelation as an aberration that proves nothing. Huawei’s newly invigorated PR machine will whip into overdrive, and Chinese authorities will spin the report as propaganda. Meanwhile, Western politicians will crow “I told you so.”
When the stakes — financial, political and security-related — are so high, even a smoking gun may not be enough for a guilty verdict.
This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.
To contact the author of this story:
Tim Culpan at tculpan1@bloomberg.net
To contact the editor responsible for this story:
Matthew Brooker at mbrooker1@bloomberg.net
88m3
Fast Money & Foreign Objects
@∆y = f(∆x)
Washington Post
A former CIA case officer long suspected in the intelligence community of being a devastating mole for the Chinese government admitted Wednesday he conspired to commit espionage in that country.
About this website
WASHINGTONPOST.COM|BY RACHEL WEINER
Former CIA officer Jerry Lee admits conspiracy to spy for China
Officials believe he helped compromise assets in the country.
Washington Post
A former CIA case officer long suspected in the intelligence community of being a devastating mole for the Chinese government admitted Wednesday he conspired to commit espionage in that country.
About this website
WASHINGTONPOST.COM|BY RACHEL WEINER
Former CIA officer Jerry Lee admits conspiracy to spy for China
Officials believe he helped compromise assets in the country.
:ALERTRED:
How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks
By Nicole Perlroth, David E. Sanger and Scott Shane
May 6, 2019
The server room at Symantec in Culver City, Calif. The company provided the first evidence that Chinese state-sponsored hackers had acquired some of the National Security Agency’s cybertools before other hackers.Michal Czerwonka for The New York Times
Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.
Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.
The Chinese action shows how proliferating cyberconflict is creating a digital wild West with few rules or certainties, and how difficult it is for the United States to keep track of the malware it uses to break into foreign networks and attack adversaries’ infrastructure.
The losses have touched off a debate within the intelligence community over whether the United States should continue to develop some of the world’s most high-tech, stealthy cyberweapons if it is unable to keep them under lock and key.
The Chinese hacking group that co-opted the N.S.A.’s tools is considered by the agency’s analysts to be among the most dangerous Chinese contractors it tracks, according to a classified agency memo reviewed by The New York Times. The group is responsible for numerous attacks on some of the most sensitive defense targets inside the United States, including space, satellite and nuclear propulsion technology makers.
Now, Symantec’s discovery, unveiled on Monday, suggests that the same Chinese hackers the agency has trailed for more than a decade have turned the tables on the agency.
Some of the same N.S.A. hacking tools acquired by the Chinese were later dumped on the internet by a still-unidentified group that calls itself the Shadow Brokers and used by Russia and North Korea in devastating global attacks, although there appears to be no connection between China’s acquisition of the American cyberweapons and the Shadow Brokers’ later revelations.
But Symantec’s discovery provides the first evidence that Chinese state-sponsored hackers acquired some of the tools months before the Shadow Brokers first appeared on the internet in August 2016.
Repeatedly over the past decade, American intelligence agencies have had their hacking tools and details about highly classified cybersecurity programs resurface in the hands of other nations or criminal groups.
The N.S.A. used sophisticated malware to destroy Iran’s nuclear centrifuges — and then saw the same code proliferate around the world, doing damage to random targets, including American business giants like Chevron. Details of secret American cybersecurity programs were disclosed to journalists by Edward J. Snowden, a former N.S.A. contractor now living in exile in Moscow. A collection of C.I.A. cyberweapons, allegedly leaked by an insider, was posted on WikiLeaks.
“We’ve learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” said Eric Chien, a security director at Symantec.
Now that nation-state cyberweapons have been leaked, hacked and repurposed by American adversaries, Mr. Chien added, it is high time that nation states “bake that into” their analysis of the risk of using cyberweapons — and the very real possibility they will be reassembled and shot back at the United States or its allies.
In the latest case, Symantec researchers are not certain exactly how the Chinese obtained the American-developed code. But they know that Chinese intelligence contractors used the repurposed American tools to carry out cyberintrusions in at least five countries: Belgium, Luxembourg, Vietnam, the Philippines and Hong Kong. The targets included scientific research organizations, educational institutions and the computer networks of at least one American government ally.
One attack on a major telecommunications network may have given Chinese intelligence officers access to hundreds of thousands or millions of private communications, Symantec said.
Symantec did not explicitly name China in its research. Instead, it identified the attackers as the Buckeye group, Symantec’s own term for hackers that the Department of Justice and several other cybersecurity firms have identified as a Chinese Ministry of State Security contractor operating out of Guangzhou.
Because cybersecurity companies operate globally, they often concoct their own nicknames for government intelligence agencies to avoid offending any government; Symantec and other firms refer to N.S.A. hackers as the Equation group. Buckeye is also referred to as APT3, for Advanced Persistent Threat, and other names.
In 2017, the Justice Department announced the indictment of three Chinese hackers in the group Symantec calls Buckeye. While prosecutors did not assert that the three were working on behalf of the Chinese government, independent researchers and the classified N.S.A. memo that was reviewed by The Times made clear the group contracted with the Ministry of State Security and had carried out sophisticated attacks on the United States.
A Pentagon report about Chinese military competition, issued last week, describes Beijing as among the most skilled and persistent players in military, intelligence and commercial cyberoperations, seeking “to degrade core U.S. operational and technological advantages.”
In this case, however, the Chinese simply seem to have spotted an American cyberintrusion and snatched the code, often developed at huge expense to American taxpayers.
Symantec discovered that as early as March 2016, the Chinese hackers were using tweaked versions of two N.S.A. tools, called Eternal Synergy and Double Pulsar, in their attacks. Months later, in August 2016, the Shadow Brokers released their first samples of stolen N.S.A. tools, followed by their April 2017 internet dump of its entire collection of N.S.A. exploits.
Symantec researchers noted that there were many previous instances in which malware discovered by cybersecurity researchers was released publicly on the internet and subsequently grabbed by spy agencies or criminals and used for attacks. But they did not know of a precedent for the Chinese actions in this case — covertly capturing computer code used in an attack, then co-opting it and turning it against new targets.
“This is the first time we’ve seen a case — that people have long referenced in theory — of a group recovering unknown vulnerabilities and exploits used against them, and then using these exploits to attack others,” Mr. Chien said.
The Chinese appear not to have turned the weapons back against the United States, for two possible reasons, Symantec researchers said. They might assume Americans have developed defenses against their own weapons, and they might not want to reveal to the United States that they had stolen American tools.
For American intelligence agencies, Symantec’s discovery presents a kind of worst-case scenario that United States officials have said they try to avoid using a White House program known as the Vulnerabilities Equities Process.
Under that process, started in the Obama administration, a White House cybersecurity coordinator and representatives from various government agencies weigh the trade-offs of keeping the American stockpile of undisclosed vulnerabilities secret. Representatives debate the stockpiling of those vulnerabilities for intelligence gathering or military use against the very real risk that they could be discovered by an adversary like the Chinese and used to hack Americans.
The Shadow Brokers’ release of the N.S.A.’s most highly coveted hacking tools in 2016 and 2017 forced the agency to turn over its arsenal of software vulnerabilities to Microsoft for patching and to shut down some of the N.S.A.’s most sensitive counterterrorism operations, two former N.S.A. employees said.
The N.S.A.’s tools were picked up by North Korean and Russian hackers and used for attacks that crippled the British health care system, shut down operations at the shipping corporation Maersk and cut short critical supplies of a vaccine manufactured by Merck. In Ukraine, the Russian attacks paralyzed critical Ukrainian services, including the airport, Postal Service, gas stations and A.T.M.s.
“None of the decisions that go into the process are risk free. That’s just not the nature of how these things work,” said Michael Daniel, the president of the Cyber Threat Alliance, who previously was cybersecurity coordinator for the Obama administration. “But this clearly reinforces the need to have a thoughtful process that involves lots of different equities and is updated frequently.”
Beyond the nation’s intelligence services, the process involves agencies like the Department of Health and Human Services and the Treasury Department that want to ensure N.S.A. vulnerabilities will not be discovered by adversaries or criminals and turned back on American infrastructure, like hospitals and banks, or interests abroad.
That is exactly what appears to have happened in Symantec’s recent discovery, Mr. Chien said. In the future, he said, American officials will need to factor in the real likelihood that their own tools will boomerang back on American targets or allies. An N.S.A. spokeswoman said the agency had no immediate comment on the Symantec report.
One other element of Symantec’s discovery troubled Mr. Chien. He noted that even though the Buckeye group went dark after the Justice Department indictment of three of its members in 2017, the N.S.A.’s repurposed tools continued to be used in attacks in Europe and Asia through last September.
“Is it still Buckeye?” Mr. Chien asked. “Or did they give these tools to another group to use? That is a mystery. People come and go. Clearly the tools live on.”
@88m3 @ADevilYouKhow @wire28 @dtownreppin214
@DonKnock @dza @wire28 @BigMoneyGrip @Dameon Farrow @re'up @Blackfyre @Cali_livin @NY's #1 Draft Pick
Last edited:
NoCookies | The Australian
Chinese spying on rise: Taiwan
12:00AM May 11, 2019
Tsai Ing-wen presides over the groundbreaking ceremony for the island's submarine shipyard in Kaohsiung on Thursday. Picture: AP
Taiwan President Tsai Ing-wen says China has stepped up its efforts to infiltrate and gain influence in Taiwan and she asked national security agencies to counter Beijing’s efforts.
Ms Tsai said Taiwan would deter military aggression in the Taiwan strait, vowing to boost defence capabilities, including upgrading military equipment and the recently launched program to build submarines locally.
“The Chinese Communist Party continues to demonstrate provocative actions in the Taiwan Strait, destroying the status quo across the Taiwan Strait,” she said yesterday.
Her comments follow a spike in cross-strait tensions last month when China’s military staged extensive drills with warships, bombers and reconnaissance aircraft around the island.
Taiwan scrambled jets to monitor the drills, which a senior US official at the time described as coercion and a threat to regional stability.
Beijing suspects Ms Tsai is pushing for the island’s formal independence and has steadily stepped up political and military pressure.
Any formal independence move is a red line for China, which has never renounced the use of force to bring Taiwan under its control.
Ms Tsai has said she wants to maintain the status quo with China but will defend Taiwan’s security and democracy.
The US House of Representatives this week unanimously backed legislation supporting Taiwan as members of the US congress push for a sharper approach to relations with Beijing.
Ms Tsai on Thursday presided over a breaking-ground ceremony for a submarine shipyard in the southern city of Kaohsiung, saying subs were an effective way to deter a foe from surrounding the island by sea.
“We must have concept and thinking of asymmetric warfare,” she said, referring to the military concept where a smaller opponent can hold off a larger one using specialised strategies and tactics.
China operates a growing navy that now boasts 75 submarines, including latest-generation home-constructed vessels.
Taiwan operates just four aged submarines but pressure from China has prevented it from buying more abroad. Plans call for the shipyard to produce eight diesel craft, with the first due for completion in 2025.
Taiwan relies on the US for much of its defence needs, but the US now produces only nuclear-powered submarines.
Holland’s decision to sell Taiwan two Zwaardvis Class submarines 30 years ago resulted in a major diplomatic rift with Beijing and, under Chinese pressure, they would not sell more, Ms Tsai said.
“Therefore, building them indigenously is our only way,” she said on Thursday.
Despite Chinese pressure, more than a dozen foreign firms have reportedly expressed strong interest in taking part in the submarine projects under the Kaohsiung-based Taiwan Shipbuilding Corporation, also known as CSBC.
Ms Tsai has made reviving Taiwan’s indigenous armaments industry a priority for her administration. Since Ms Tsai took office in 2016, China has stepped up military, diplomatic and economic pressure on Taiwan in hopes of compelling her to endorse its contention that the island is a part of China, known as the “One-China Principle”.
Surveys show large majorities of Taiwanese reject Beijing’s demands for political unification between the sides, preferring to maintain their current de-facto independent status.
AP, Reuters