Hackers topple Huawei routers

Jul 30, 2012
Visitors gather at the Huawei booth during the CommunicAsia telecom expo and conference in Singapore in June 2012. Hackers at an infamous Def Con gathering were shown how to easily slip into computer networks through some routers made by Chinese electronics colossus Huawei Technologies.

Hackers at an infamous Def Con gathering were shown how to easily slip into computer networks through some routers made by Chinese electronics colossus Huawei Technologies.

"For the 20th anniversary of Def Con the gift is China," Recurity Labs chief Felix "FX" Lindner said as he opened his presentation.

"Nobody needs a back door; this is plausible deniability," he quipped as he detailed weaknesses in three small Huawei that could be exploited using basic hacking techniques. "You get what you pay for. Sorry."

Huawei routers, equipment that connects networks to the Internet, are widely used in Asia, Africa and the Middle East and the company has been striving to gain ground in US and European markets, according to Germany-based Recurity.

Lindner and his teammate Gregor Kopf were particularly troubled that Huawei has not issued any security advisories about its routers to warn users to take precautions.

A Huawei Ascend D1 smartphone is on display at the CommunicAsia telecom expo and conference in Singapore in June 2012. Huawei, founded by a former People's Liberation Army engineer, has established itself as a major force in the global telecoms industry where its technology is widely used to build mobile phone networks.

"These machines have serious security issues," Kopf told AFP. "In my eyes, the greatest danger is that you don't know how vulnerable it is; you're left in the dark."

Kopf referred to the routers studied by Recurity as having technology reminiscent of the 1990s and said that once attackers slipped in they could potentially run amok in networks.

"It looks pretty bad," Kopf said. "To be fair, we only looked at three routers. But based on this sample, chances are other equipment they offer is very vulnerable."

Recurity did not examine "big boxes," large routers Huawei makes for businesses and telecom networks.

Huawei, founded by a former People's Liberation Army engineer, has established itself as a major force in the global where its technology is widely used to build .

Huawei is battling an image problem in the broader due to its perceived close ties with the Chinese military and government.

It was recently blocked from bidding for contracts on Australia's ambitious national broadband project, reportedly due to concerns about cyber-security.

The company has in the past also run afoul of US regulators and lawmakers because of worries over its links with the Chinese military and Beijing -- fears that Huawei has dismissed.

"It doesn't really matter how much intention is behind the quality that we see," said Lindner. "If you can take over people's routers you can get into their stuff. People need to verify what they are dealing with before they buy."

Explore further: Hand out money with my mobile? I think I'm ready

add to favorites email to friend print save as pdf

Related Stories

China's Huawei seeks US government probe

Feb 25, 2011

Chinese telecom giant Huawei on Friday urged the US government to investigate the company, arguing "unfounded accusations" and "falsehoods" had jeopardised its operations in the United States.

China's Huawei sues ZTE for patent infringement

Apr 28, 2011

China telecoms giant Huawei said Thursday it is suing hometown rival ZTE in Europe for alleged patent and trademark infringements, as the Chinese firms battle for overseas market share.

China's ZTE rejects Huawei patent charges

Apr 29, 2011

Chinese telecom equipment maker ZTE has rejected charges by its bigger rival Huawei Technologies, which is suing ZTE in three European countries for alleged patent and trademark infringements. ...

Chinese tech giant calls for cyber cooperation

Jun 23, 2012

(AP) — The founder of Chinese telecom equipment giant Huawei, which has faced security concerns in the U.S. and Australia, is calling for global cooperation to improve data protection.

Recommended for you

Hand out money with my mobile? I think I'm ready

8 hours ago

A service is soon to launch in the UK that will enable us to transfer money to other people using just their name and mobile number. Paym is being hailed as a revolution in banking because you can pay peopl ...

Quantenna promises 10-gigabit Wi-Fi by next year

Apr 16, 2014

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Tech giants look to skies to spread Internet

Apr 16, 2014

The shortest path to the Internet for some remote corners of the world may be through the skies. That is the message from US tech giants seeking to spread the online gospel to hard-to-reach regions.

Wireless industry makes anti-theft commitment

Apr 16, 2014

A trade group for wireless providers said Tuesday that the biggest mobile device manufacturers and carriers will soon put anti-theft tools on the gadgets to try to deter rampant smartphone theft.

Dish Network denies wrongdoing in $2M settlement

Apr 15, 2014

The state attorney general's office says Dish Network Corp. will reimburse Washington state customers about $2 million for what it calls a deceptive surcharge, but the satellite TV provider denies any wrongdoing.

Netflix's Comcast deal improves quality of video

Apr 14, 2014

Netflix's videos are streaming through Comcast's Internet service at their highest speeds in the past 17 months now that Netflix is paying for a more direct connection to Comcast's network.

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

gmurphy
not rated yet Jul 30, 2012
You get what you pay for.
Ms Bitters
not rated yet Jul 30, 2012
PLA insists that this is a beneficial feature and anyone who says otherwise "is just a rebel rouser and a troublemaker".

More news stories

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Better thermal-imaging lens from waste sulfur

Sulfur left over from refining fossil fuels can be transformed into cheap, lightweight, plastic lenses for infrared devices, including night-vision goggles, a University of Arizona-led international team ...

Deadly human pathogen Cryptococcus fully sequenced

Within each strand of DNA lies the blueprint for building an organism, along with the keys to its evolution and survival. These genetic instructions can give valuable insight into why pathogens like Cryptococcus ne ...