Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Microsoft/Windows
Register for a certification exam.
Average Rating:
Rate this article:  
Sprint, Seeking OK on Merger, Agrees To Shun Huawei Gear
Sprint, Seeking OK on Merger, Agrees To Shun Huawei Gear

By Jennifer LeClaire
March 29, 2013 12:15PM

    Bookmark and Share
Although a House investigation concluded there were "credible reports" of Huawei's illegal behavior, there is no conclusive evidence that either Huawei or ZTE are installing telecom equipment with hidden codes to transmit information back to China. But with the recent back-and-forthing between the U.S. and China over cyber-security, the issue remains.
 



Sprint and Softbank, the company planning to acquire the third-largest U.S. carrier, are committed to meeting national security concerns to make their merger a reality. The companies made it clear to Washington that they will no longer purchase or use equipment the Chinese telecom giant manufactures.

According to The New York Times, Sprint-Softbank's agreement with the U.S. government would allow national security officials to monitor changes to the company's system of routers, servers, and switches, among other equipment and processes. Softbank has offered $20 billion to acquire most of Sprint but needs U.S. government approval.

"I have met with Softbank and Sprint regarding this merger and was assured they would not integrate Huawei in to the Sprint network and would take mitigation efforts to replace Huawei equipment in the Clearwire network," said Rep. Mike Rogers, R-Mich., chairman of the House Intelligence Committee. "I expect them to make the same assurances before any approval of the deal in the CFIUS process."

CFIUS is the Committee on Foreign Investment in the United States, a federal government inter-agency panel that reviews the national security implications of foreign investment in the U.S.

Spying on U.S. Communications

What's the problem with Huawei? Last October, a House Intelligence Committee report warned that buying Huawei Technologies products poses a security risk to the nation. Huawei vehemently opposed the allegations, which include visa fraud and job bias. The report also called out ZTE, another Chinese telecom firm.

The overarching allegation is that China could use equipment these companies manufacture to spy on U.S. communications systems and threaten U.S. technology infrastructure. Some U.S. analysts are saying the report is steeped in protectionism and neither China nor Huawei is taking the report lying down.

Although the House investigation concluded there are "credible reports" of Huawei's illegal behavior, there is no conclusive evidence that either Huawei or ZTE are installing telecom equipment with hidden codes to transmit information back to China. But with the recent back-and-forthing between the U.S. and China government over cyber-security, the issue remains at the fore.

Is the Threat Real?

Paul Henry, a security and forensic analyst at Lumension, told us not to be mistaken -- there is danger here.

"This isn't a case of the government being overly paranoid, though I might also argue that there is no such thing when it comes to cyber-security," Henry said. "It is very possible that back doors are being built into the hardware shipped by the Chinese."

As Henry sees it, the real danger here is that if Chinese companies, deliberately or not, are leaving easy back doors into their products, then malware could be executed at the firmware and peripheral level.

"What that boils down to is a piece of malware executed at a level below the operating system, where it is virtually undetectable by just about every cyber-security product on the market today," Henry said.

"There is some amount of doubt in the security community about whether this sort of attack is even practically possible, but I assure you, it is. It was demonstrated in two proof-of-concept rootkits, Red Pill and Blue Pill, by Joanna Rutkowska at Black Hat in 2006. There is a real danger here that everyone -- not just the government -- should be considering when purchasing IT equipment manufactured overseas."
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Microsoft/Windows
1.   Microsoft Buys InMage Recovery Tech
2.   'Reinvent Productivity,' Nadella Urges
3.   Microsoft Revamps Office 365 Plans
4.   Windows 7 Ends Mainstream Support
5.   Another IE-Focused Patch Tuesday


advertisement
Review: Microsoft's Surface Pro 3
Is it a tablet and laptop replacement?
Average Rating:
Windows 7 Ends Mainstream Support
But extended support still available.
Average Rating:
Another IE-Focused Patch Tuesday
One critical for Internet Explorer.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Report: Chinese Hackers Hit U.S. Personnel Networks
Hackers from China broke into the computer networks of the U.S. Office of Personnel Management earlier this year with the intention of accessing the files of tens of thousands of federal employees.
 
Charges: Russian Stole Data from U.S. Restaurants, Zoo
A Russian man arrested on bank fraud and other charges hacked into computers at restaurants in Washington, hundreds of other retail businesses, and even the Phoenix Zoo, authorities say.
 
Another Month, Another IE-Focused Patch Tuesday
Microsoft rolled out 59 vulnerabilities for Internet Explorer in June. But the IE-patching party is not over yet. Redmond published six new security bulletins on Tuesday; two, critical; three, important.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.