Leak: NSA hacked Chinese tech giant

Huawei long deemed a threat by U.S.

WASHINGTON - U.S. officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets.



RELATED ARTICLES

http://www.arkansas…">In China visit, first lady extols freedom of speechhttp://www.arkansas…">Reports trickle on dense NSA files

But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors - directly into Huawei’s networks.

The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to agency documents leaked by the former contractor Edward Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect one third of the world’s population, and monitored communications of the company’s top executives.

Snowden is now living in Russia to evade arrest by U.S. authorities.

One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, one 2010 document made clear. But the agency’s plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries - including both allies and nations that avoid buying U.S. products - the National Security Agency could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyber operations.

“Many of our targets communicate over Huawei-produced products,” the agency document said. “We want to make sure that we know how to exploit these products [to] gain access to networks of interest” around the world.

The documents were disclosed by The New York Times and Der Spiegel, and are also part of a book by Der Spiegel titled The NSA Complex. The documents, as well as interviews with intelligence officials, offer new insights into America’s escalating digital cold war with Beijing. While President Barack Obama and Chinese President Xi Jinping have begun talks about limiting the cyber conflict, it appears to be intensifying.

The National Security Agency, for example, is tracking more than 20 Chinese hacking groups - more than half of them Chinese army and navy units - as they break into the networks of the U.S. government and companies including Google and manufacturers of parts for drones and nuclear weapons, according to a half-dozen current and former U.S. officials. If anything, they said, the pace has increased since the revelation last year that some of the most aggressive Chinese hacking originated at a People’s Liberation Army facility, Unit 61398, in Shanghai.

The Obama administration distinguishes between the hacking and corporate theft that the Chinese conduct against U.S. companies to buttress their own state-run businesses, and the intelligence operations the United States conducts against Chinese and other targets. U.S. officials have repeatedly said that the National Security Agency breaks into foreign networks only for legitimate national security purposes. A White House spokesman, Caitlin Hayden, said: “We do not give intelligence we collect to U.S. companies to enhance their international competitiveness or increase their bottom line. Many countries cannot say the same.”

But that does not mean the U.S. government does not conduct its own form of corporate espionage with a different set of goals. Those concerning Huawei were described in the 2010 document.

“If we can determine the company’s plans and intentions,” an analyst wrote, “we hope that this will lead us back to the plans and intentions of the PRC,” referring to the People’s Republic of China. The agency saw an additional opportunity: As Huawei invested in new technology and laid undersea cables to connect its $40 billion-a-year networking empire, the agency was interested in tunneling into key Chinese customers, including “high priority targets - Iran, Afghanistan, Pakistan, Kenya, Cuba.”

The documents offer no answer to a central question: Is Huawei an independent company, as its leaders contend, or a front for the People’s Liberation Army, as U.S. officials suggest but have never publicly proved?

Two years after Shotgiant became a major program, the House Intelligence Committee delivered an unclassified report on Huawei and another Chinese company, ZTE, that cited no evidence confirming the suspicions about Chinese government ties. Still, the October 2012 report concluded that the companies must be blocked from “acquisitions, takeover or mergers” in the United States, and “cannot be trusted to be free of foreign state influence.”

Huawei, which has all but given up its hopes of entering the U.S. market, complains that it is the victim of protectionism, swathed in trumped-up national security concerns. Company officials insist that it has no connection to the People’s Liberation Army.

William Plummer, a senior Huawei executive in the United States, said the company had no idea it was a National Security Agency target, adding that in his opinion, “The irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us.

“If such espionage has been truly conducted,” he added, “then it is known that the company is independent and has no unusual ties to any government, and that knowledge should be relayed publicly to put an end to an era of mis- and disinformation.”

Washington’s concerns about Huawei date back nearly a decade, since the Rand Corp., the research organization, evaluated the potential threat of China for the U.S. military. Rand concluded that “private Chinese companies such as Huawei” were part of a new “digital triangle” of companies, institutes and government agencies that worked together secretly.

Huawei is a global giant: It manufactures equipment that makes up the backbone of the Internet, lays submarine cables from Asia to Africa and has become the world’s third-largest smartphone-maker after Samsung and Apple.

The man behind its strategy is Ren Zhengfei, the company’s elusive founder, who was a Chinese army engineer in the 1970s. To the Chinese, he is something akin to Steve Jobs - an entrepreneur who started a digital empire with little more than $3,000 in the mid-1980s and took on both state-owned companies and foreign competitors. But to U.S. officials, he is a link to the People’s Liberation Army.

They have blocked his company at every turn: pressing Sprint to kill a $3 billion deal to buy Huawei’s fourth generation, or 4G, network technology; scuttling a planned purchase of 3Com for fear that Huawei would alter computer code sold to the U.S. military; and pushing allies, like Australia, to back off from major projects.

As long ago as 2007, the National Security Agency began a covert program against Huawei, the documents show. By 2010, the agency’s Tailored Access Operations unit - which breaks into hard-to-access networks - found a way to into Huawei’s headquarters. The agency collected Ren’s communications, one document noted, though analysts feared they might be missing many of them.

Agency analysts made clear that they were looking for more than just “signals intelligence” about the company and its connections to Chinese leaders; they wanted to learn how to pierce its systems so that when adversaries and allies bought Huawei equipment, the United States would be plugged into those networks. (The New York Times withheld technical details of the operation at the request of the Obama administration, citing national security concerns.)

The agency’s operations against China do not stop at Huawei. Last year, the agency cracked two of China’s biggest cellphone networks, allowing it to track strategically important Chinese military units, according to an April 2013 document leaked by Snowden. Other major targets, the document said, are the locations where the Chinese leadership works.

Chinese state attacks have only accelerated in recent years, according to the current and former intelligence officials, who spoke on the condition of anonymity about classified information.

A dozen Chinese military units - aside from Unit 61398 - do their hacking from eavesdropping posts around China, and though their targets were initially government agencies and foreign ministries around the world, they have since expanded into the private sector. For example, officials point to the First Bureau of the army’s Third Department, which the NSA began tracking in 2004 after it hacked into the Pentagon’s networks. The unit’s targets have grown to include telecom and technology companies that specialize in networking and encryption equipment - including some Huawei competitors.

For some of its most audacious attacks, China relies on hackers at state-funded universities and privately owned Chinese technology companies. The NSA is tracking more than half a dozen such groups suspected of operating at the behest of the Chinese Ministry of State Security, China’s civilian spy agency, the officials said.

And as China strove to make its own inroads on the Web, officials said another group of private hackers hacked into Google, Adobe and dozens of other global technology companies in 2010.

“China does more in terms of cyber espionage than all other countries put together,” said James Lewis, a computer security expert at the Center for Strategic and International Studies in Washington.

“The question is no longer which industries China is hacking into,” he added. “It’s which industries they aren’t hacking into.”

Front Section, Pages 1 on 03/23/2014

Upcoming Events