Could Huawei be using Trojan circuits to help Beijing spy on US?
- US is regarded as the world leader in hardware hacking
- Its allies have found no evidence of planting ‘back doors’, and Chinese researchers insist their work on Trojans is separated from telecoms firms
“Huawei is a true threat. It could be a Trojan horse,” the third-ranking member in the Senate Republican leadership said.
Barrasso is one of the many American politicians who have called for a ban on Huawei equipment and technology.
They have said that the conglomerate, based in Shenzhen in southern China, installs “back doors” or “Trojans” in its devices to siphon off sensitive data to the Chinese government without detection.
Huawei, meanwhile, has repeatedly denied the allegations, saying that it is not a proxy for China’s security apparatus.
Despite its warnings, some of the US’ traditional allies such as Britain and Germany have said they have found no evidence that Huawei’s devices contain Trojan circuits, also known as hardware Trojans – modifications of integrated circuits in computer chips that can give third parties access to data.
China will not turn to global financial crisis playbook to offset US trade war
US President Donald Trump last month appeared to have backed off a little from the ban after meeting Chinese counterpart Xi Jinping at the Group of 20 summit in Japan.
Ross maintained, however, that sales of sensitive equipment would remain off limits.
But from a technology perspective, are these warnings credible, or fantasies straight out of the pages of spy fiction?
Trojans come in all shapes and sizes.
Some can be triggered by heat, a clock on a motherboard, GPS coordinates (activated when a target device enters a designated area), or typing a word – for instance, a government agent in the US typing “Beijing” and inadvertently triggering a Trojan that sends information to China.
Last year, a Bloomberg report alleged that China added a Trojan component to a Supermicro server board that has been used by Western tech giants such as Amazon and Apple.
Such a hack was “technically plausible”, according to Dr Markus Kuhn, an award-winning computer scientist studying hardware security at the University of Cambridge in Britain.
After all, it is well known that China, like other countries including the US, has been conducting research on hardware Trojans.
Since 2010, more than 400 papers have been published on the topic, mostly in Chinese-language domestic journals, with various proposals for Trojan circuit designs.
Although China has made strides in the field, security researchers said Beijing still lagged the US, widely regarded as the world leader in hardware hacking.
US ‘could let firms sell to Huawei’ as trade talks resume by phone
The US’ National Security Agency (NSA) is alleged by some researchers to have inserted a Trojan into the firmware of Juniper Networks, an American supplier of networking technology.
“That back door has been observed to have been carefully implemented and then replaced several times,” Kuhn said.
His opinion is shared by many in the information security community.
But the question is whether the work of researchers and government-funded institutes on hardware Trojans is linked to Chinese telecommunication companies, and whether the Chinese government can spy on countries that buy hardware from those firms.
According to a government researcher involved in a Trojan circuit design programme, the answer is a flat “no”, partly because it would be too easy to get caught.
In wake of blacklist, Huawei’s US research arm moves to separate itself
“A back door on [Huawei’s] HiSilicon chip is more likely to be caught than one on a chip of [American semiconductor company] Xilinx,” said the researcher, who spoke on condition of anonymity.
His research team modifies different models of processors and tests how well a Trojan circuit cheats various detection methods, such as infrared imaging and electromagnetic emission sniffing.
“We are working separately from Huawei,” he said. “That means one’s work never comes across the other’s, even though we may attend the same international conferences and sit side-by-side.”
In their laboratory, the chips were all those of foreign brands, said the researcher, whose work covers both detection and planting of Trojans in processor chips.
In Europe, Huawei products have gone through strict security screening to gain access to markets, Kuhn wrote in an emailed response to the South China Morning Post’s queries.
The British government, for instance, publishes an annual report on the security of Huawei products. In the latest report, released in March, hundreds of vulnerabilities were identified by an independent oversight board chaired by a senior cybersecurity official.
German spies dismiss threats to cut off US intelligence over Huawei
“It does not identify any deliberately planted back doors, but lists numerous problems that are very common in commercially developed programs,” the official said.
The problems included frequent use of potentially unsafe functions in source code, use of outdated third-party software components and the lack of “reproducible build” – showing an independent reviewer that the source code they review matches the binary code that drives a machine.
“While all these requirements are very sensible and desirable, I think it is also fair to say that Huawei is unlikely to be exceptional in selling commercial products that would disappoint in such a security review,” Kuhn wrote.
“I would be surprised if most of Huawei’s competitors did substantially better when faced with similar scrutiny,” he added.
“The Huawei thing is political,” said Grady Summers, executive vice-president and chief technology officer of global cybersecurity firm FireEye, at a media briefing in Hong Kong last month.
“It’s a very convenient thing to rile up a political base about the fear of foreign technology.”
White House official says new sales to China's Huawei to cover only widely available goods
Summers said this was at odds with the internet’s intended lowering of boundaries and exchanging of ideas across countries.
“I hate to see this Balkanisation of the internet, where countries don’t want to use technology that [others] build, where we’re going to see increasing firewalls and we’re all going to use our own national social media and our own national internet infrastructure,” Summers said.
“Speaking strictly from a security perspective, we have seen nothing from Huawei that would give us alarm.”
Additional reporting by Laurie Chen