According to Bloomberg, Vodafone said it had found vulnerabilities in Huawei equipment, which the provider used for its work in Italy. The problems have been solved. Huawei has been under fire for years for alleged links with the Chinese government.
According to the online news medium, Vodafone claims to have found hidden loopholes in the software that would have allowed Huawei to gain unauthorised access to a fixed network in Italy. This is a system that brings internet services to millions of homes and businesses, according to documents from a security briefing by Vodafone in 2009 and 2011. Bloomberg saw those documents. The findings were also confirmed by insiders, according to the news medium.
Vodafone asked Huawei in 2011 to remove the loopholes in routers for in the house. In addition, the provider received assurances from the manufacturer that the problems had been solved. However, later tests showed that the vulnerabilities remained present, says Bloomberg.
According to Bloomberg, Vodafone also discovered loopholes in parts of its fixed network called optical service nodes, which are responsible for transporting internet traffic over fibre. In addition, back doors were found in broadband network gateways, which handle the authentication of subscribers and access to the Internet. Through the back doors it was possible for a third party to gain access to a consumer’s personal computer and home network.
Vodafone denies in a statement that back doors were found, writes BBC. “The problems in Italy from the Bloomberg story have all been solved and come from 2011 and 2012. The ‘back door’ to which Bloomberg refers is Telnet, a protocol that is widely used by various manufacturers in the industry to perform diagnostic functions. This is not accessible from the Internet.”
According to Vodafone, it is therefore unjustified for Bloomberg to claim that it ‘could have given Huawei unauthorised access to Vodafone’s fixed network in Italy’. “In addition, we have no evidence of unauthorized access. This was nothing more than not removing a diagnostic function after development.”
“The problems were detected by an independent security test, started by Vodafone as part of our standard security measures, and then resolved by Huawei,” Huawei also reports that it solved the problems immediately after it was notified.
Huawei has been under attack for years, especially in the United States. The country is afraid that the manufacturer is helping the Chinese government with espionage, which Huawei has always denied. The U.S. decided to ban the use of manufacturer’s equipment by the U.S. government. In Europe, it is lobbying for the same ban.
Despite these concerns, Huawei did win a contract from Vodafone to help with the construction of the 5G network, says Bloomberg. The provider has repeatedly defended Huawei against the US accusations. CEO Nick Read has publicly stated on several occasions that he is against a ban on Huawei, warning of higher costs and delays.
Vodafone says in the documents that in 2011 – the same year that the vulnerabilities in the Italian routers were discovered – it worked with Huawei to solve the problems. No evidence was found of any data being compromised. In 2012 it also found vulnerabilities in broadband network gateways provided by Huawei, and these problems were also solved that year.
Update 01 May 2019: statement by Vodafone added to article.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.