Huawei: Undetected Spying, Commercial Witch Hunt or China Bashing?

The innovative Chinese company Huawei is again in the news, and not because it has dislodged Apple from second place in the global smartphone market. CNBC reports, in what seems to be a rehash of an advisory issued six years ago, that the heads of the CIA, FBI, and NSA warned the U.S. Senate Intelligence Committee that Americans should be cautioned against buying Huawei and ZTE smartphones, two popular Chinese brands. Ironically, the U.S. brand Apple has also been accused of spying on user data.

FBI Director Chris Wray issued the strongest ever statement against the popular brand, “We’re deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don’t share our values to gain positions of power inside our telecommunications networks. That provides the capacity to exert pressure or control over our telecommunications infrastructure. It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage.”

Is life imitating art in the post-Cold War era? Is your innocent little phone, a depository of confidential information, moonlighting as a spy? Huawei, based in Shenzhen, China, is a 30-year-old company but has only been producing handsets since 2003. Present in 170 countries, it has shipped over 139 million units, and in Sept. 2017 it dislodged Apple from its firm position as the second most popular brand and is now just behind Samsung. However, this second-place position is disputable because Counterpoint Research claims that it is highly popular only in China, Europe, Latin America, and the Middle East but not in North America. Furthermore, none of its models has ranked as a best-selling model, with the top spots claimed by iPhone, Oppo, and Samsung.

So, is this a commercial witch hunt or a legitimate concern about possible “undetected espionage”? Here’s what the U.S. consumer market was warned about six years ago, a déjà vu of the current claims:

Huawei has faced grave accusations from the U.S., Australian, and Canadian governments. The U.S. Congress has even gone to the factories but isn’t convinced, six years after the initial controversy, that Huawei is above board and is not a security threat. Why then were Huawei and ZTE allowed to sell (and prosper) in the U.S. market even after the congressional committee (back in 2012) declared that it had no confidence in these two Chinese companies as far as providing infrastructure, equipment, and services in the U.S. because of the risk to cybersecurity? In particular, there was fear that embedded electronic bugs could transmit data furtively back to China. Rep. Dutch Ruppersberger, ranking member of the House Intelligence Committee, claimed that there was a legitimate concern because of the potential leak of trade secrets. The U.S. at that time was reeling from a cyber-attack that exposed 300B worth of trade information that would impact U.S. market competitiveness. Congress has also admitted it was protectionist because Huawei was producing cheap but high-quality products that will potentially outsell U.S. brands at home and internationally.

Back in 2012, Huawei and ZTE denied the claims and declared that they were not under the control of the Chinese government. At that time, both companies were told that in order to continue doing business in the U.S., there must be complete disclosure of information, including financial records, to ensure that these companies are not merely puppets of the Chinese government. Some quarters referred to this pressure as China-bashing.

Fast forward to 2018: despite Huawei’s attempt to “sanitize” its image and prove that it is not beholden to the Chinese government, the effect of the announcement on the company is disastrous. In the midst of this latest controversy, talks collapsed between AT&T and Huawei, with the American telecommunications carrier pulling out of their deal. Congress also has an impending bill that will ban government employees from using Huawei phones. Furthermore, in what is seen as commercial pressure, a bill (a companion bill to the Defending U.S. Government Communications Act) is being introduced by Republican Senator Tom Cotton of Arkansas that will prohibit the government from engaging in a contract with companies that use Huawei or ZTE products, equipment, or component parts. He is the same congressman who asked for a show of hands on whether they should recommend to Americans the use of smartphones produced by Apple’s Chinese competitors.

Huawei claims that they are in the U.S. for business and not likely to engage in cloak-and-dagger activities. They had reacted strongly to allegations during CES. Huawei released a statement saying that the Congressional report “employs many rumors and speculations to prove non-existent accusations…We have to suspect that the only purpose of such a report is to impede competition and obstruct Chinese ICT companies from entering the US market.”

Whether the claims are true or proven to be high-level paranoia, it pays to be cautious when using our smart devices. Here are some ways we could protect ourselves from inadvertently leaking information to both iOS and Androids.

 

Malware detected! Cyber-war lunges forward

Now may be a good time to click the update button on your anti-virus software. A couple of weeks ago, while trying to locate and identify a very elusive viper/wiper program that has been infecting Iranian computers, Kaspersky Lab detected something even larger and more threatening than described. The malware, currently dubbed “Flame”, is speculated to be another step towards cyber-war.

The malware has been named after a common name in its modules, “flame_props”. It is said to be 20 times larger and more complicated than a previous cyber-war tool named Stuxnet. Stuxnet and Duqu were two of the cyber-war weapons that were launched around 2009 and 2010. These pieces of malware were considered monsters of their time. Stuxnet apparently took at least half a year for Kaspersky Lab to analyze, and it may take at least 10 years to bust Flame open. These pieces of malware ran rampant in Iranian computers and sought to gather data and destroy infrastructure.

Flame has been recorded infecting several countries in the Middle East, with Iran as the leading target. The size and scope of Flame’s targets seem to reflect that this is yet another government-backed cyber assault, with goals of espionage in mind. Flame has been reported to be gathering data and even deleting data from target systems. The spread of the malware is also well controlled, and it remained undetected for 2 years and maybe even longer. The scope of the attack and its similarities to Stuxnet rule out independent acts of cyber criminals.

According to Kaspersky’s statement, Flame infects its targets by installing a small compressed file onto the drive, then further downloads and deploys up to 20 modules that allow the attacker to perform several tasks, taking virtual control over the affected systems. The total size of the toolkit reaches 20 MB, compared to the 500 KB of Stuxnet. The plug-ins can be deployed and turned off at will by the attacker, including well-controlled deployment into USB hosts, making the malware harder to detect. It even has the ability to completely wipe itself from a computer, making it even more difficult for large anti-virus firms like Kaspersky Lab to detect and analyze. Someone is definitely at the steering wheel of this ride. Flame is malware that has grown exceedingly complicated compared to its predecessors. Who knows how many more of these are in the wild, still running undetected?

So what can this malware do? Nearly every recording and data-gathering capability of your computer is at its disposal. Kaspersky Lab reports that Flame can effectively use your computer’s microphone to record conversations. It can view your keystrokes. It can browse all your data and communications on the internet. It can even use the Bluetooth device of your computer to access other devices within its coverage, gathering personal information like names and phone numbers. It can choose whom to infect and when the best time to strike is. It has all the makings of an espionage tool. No wonder Kaspersky Lab thinks this may very well be one nation’s attack upon another.

This poses a threat not only to the infected countries, but also to other countries that may one day fall on the attacker’s radar. Some can only cry out about the legality of these attacks, as these are basically government-approved cyber crimes. For this incredibly powerful malware to fall into the wrong hands would be disastrous for the whole internet community. Privacy has become a very sensitive term on the internet, and this privacy may soon no longer be in our control if tools like this can be deployed and run undetected for many years. If a government can get away with attacking industries for their data, what is stopping it from spying on each and every one of us, regardless of its reasons?