NSA breached Chinese servers, posed security threat

US officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets.

But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors - directly into Huawei’s networks.

The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to NSA documents provided by the former contractor Edward J Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect one-third of the world’s population, and monitored communications of company’s top executives.

One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, a 2010 document made clear. But the agency’s plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries - including both allies and nations that avoid buying US products - the NSA could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.

“Many of our targets communicate over Huawei-produced products,” the NSA document said. “We want to make sure that we know how to exploit these products,” it added, to “gain access to networks of interes” around the world.  The documents were disclosed by The New York Times and Der Spiegel, and are also part of a book by Der Spiegel, “The NSA Complex.” The documents, as well as interviews with intelligence officials, offer new insights into America’s escalating digital cold war with Beijing. While President Barack Obama and China’s president, Xi Jinping, have begun talks about limiting the cyber conflict, it appears to be intensifying.
 The NSA, for example, is tracking more than 20 Chinese hacking groups - more than half of them Chinese army and navy units - as they break into the networks of the US government, companies including Google and drone and nuclear-weapon part makers, according to a half-dozen current and former US officials. If anything, they said, the pace has increased since the revelation last year that some of the most aggressive Chinese hacking originated at a People’s Liberation Army facility, Unit 61398, in Shanghai.

The Obama administration distinguishes between the hacking and corporate theft that the Chinese conduct against US companies to buttress their own state-run businesses, and the intelligence operations the United States conducts against Chinese and other targets. The US officials have repeatedly said that the NSA breaks into foreign networks only for legitimate national security purposes. But that does not mean the US government does not conduct its own form of corporate espionage with a different set of goals. Those concerning Huawei were described in the 2010 document.

The NSA saw an additional opportunity: As Huawei invested in new technology and laid undersea cables to connect its $40 billion-a-year networking empire, the agency was interested in tunneling into key Chinese customers, including “high priority targets - Iran, Afghanistan, Pakistan, Kenya, Cuba.”

The documents offer no answer to a central question: Is Huawei an independent company, as its leaders contend, or a front for the People’s Liberation Army, as US officials suggest but have never publicly proved?

Two years after Shotgiant became a major programme, the House Intelligence Committee delivered an unclassified report on Huawei and another Chinese company, ZTE, that cited no evidence confirming the suspicions about Chinese government ties. Still, the October 2012 report concluded that the companies must be blocked from “acquisitions, takeover or mergers” in the United States, and “cannot be trusted to be free of foreign state influence.”

Huawei, which has all but given up its hopes of entering the US market, complains that it is the victim of protectionism, swathed in trumped-up national security concerns. Company officials insist that it has no connection to the People’s Liberation Army.

Hack attacks accelerate Chinese state attacks have only accelerated in recent years, according to the current and former intelligence officials, who spoke on the condition of anonymity about classified information.

A dozen PLA military units - aside from Unit 61398 - do their hacking from eavesdropping posts around China, and though their targets were initially government agencies and foreign ministries around the world, they have since expanded into the private sector. For example, officials point to the First Bureau of the army’s Third Department, which the NSA began tracking in 2004 after it hacked into the Pentagon’s networks. The unit’s targets have grown to include telecom and technology companies that specialise in networking and encryption equipment - including some Huawei competitors.

For some of its most audacious attacks, China relies on hackers at state-funded universities and privately owned Chinese technology companies, apparently as much for their skills as for the plausible deniability it offers the state if it gets caught. The NSA is tracking more than half a dozen such groups suspected of operating at the behest of the Chinese Ministry of State Security, China’s civilian spy agency, the officials said.

Their targets, they noted, closely align with China’s stated economic and strategic directives. As China strove to develop drones and next-generation ballistic and submarine-launched missiles in recent years, the NSA and its partners watched as one group of privately employed engineers based in Guangzhou in southern China pilfered the blueprints to missile, satellite, space, and nuclear propulsion technology from businesses in the United States, Canada, Europe, Russia and Africa.

And as China strove to make its own inroads on the Web, officials said another group of private hackers hacked into Google, Adobe and other global technology companies in 2010. Lately, that group and its counterparts are also going after security firms, banks, chemical companies, automakers and nongovernment organisations. “China does more in terms of cyberespionage than all other countries put together,” said James A Lewis, a computer security expert at the Centre for Strategic and International Studies in Washington.