March 28 Australia's decision to block Huawei
from bidding for work on its $38 billion national broadband
network has less to do with the Chinese telecoms firm itself and
more to do with a growing concern that foreign countries -
particularly China - are stealing the country's governmental and
commercial secrets via the Internet, security analysts and
researchers said.
Australia has blocked Huawei from bidding on the national
network - one of the world's largest such infrastructure
projects, which is expected to run high-speed Internet cables to
all but the remotest of Australian homes - citing security
concerns. It has not detailed what those concerns are.
Alastair MacGibbon, who directed Australia's High Tech Crime
Centre before setting up the Centre for Internet Safety, said
that while he had nothing against Huawei, he welcomed the
decision because it showed the government was putting security
over cost - and the possible diplomatic fallout from Australia's
largest trading partner.
"A decision like this would have been made at a very high
level and they would take into account the consequences, which
probably aren't insignificant," he said. "You would have to
imagine that was a pretty big security concern."
Government officials have declined to detail what those
concerns are, but have said they originated from the Australian
Security Intelligence Organisation (ASIO), which has become
increasingly voluble about the problem of Internet-based
espionage from what it calls state-sponsored actors.
In its latest annual report to parliament it said:
"Espionage by cyber means - one aspect of the larger threat - is
emerging as a serious and widespread concern that will continue
to gain prominence given Australia's increasing reliance on
technology in commercial, government and military business."
Although it has not mentioned China by name, MacGibbon and
others said it's understood that most of the threats emanate
from there.
Casey Ellis, a Sydney-based security specialist, said
incident response teams "were very busy and a lot of the
corporate stuff they deal with appears to have links to China."
Indeed, in 2010 three major resource sector companies, BHP
Billiton , Fortescue Metals and Rio
Tinto were targeted, and last year
parliamentary e-mail accounts were hacked, including those of
three ministers. Researchers say there are probably many more
such attacks that either go unnoticed or the companies affected
are reluctant to publicize.
"I'd assume the majority of this activity is going
unreported. Not only is it embarrassing for the company, but
even top-shelf companies have taken months to uncover some of
these attacks, sometimes by chance," said Chris Horsley, a
Brisbane-based security consultant.
China has routinely denied any involvement in such attacks.
Huawei on Tuesday blamed such activities on private citizens and
vigilante groups.
BACK DOOR
While there's little question Australia is an increasing
target of cyber-espionage, analysts and researchers said they
were surprised the government was blocking Huawei from this
particular project. Huawei is after all one of Australia's
largest vendors of equipment to telecoms operators and Internet
service providers.
The issue, some researchers say, would come down to whether
Huawei had built back doors into its devices through which it
can eavesdrop data. Huawei has this week offered to open up its
source code - the software that runs a device - to try to
persuade the Australian government to change its mind.
But other security analysts say that it's not just a
question of back doors.
Jeffrey Carr, a Washington-based security consultant, says
the absence of a back door doesn't mean the device cannot be
compromised later through an update to the software controlling
the device.
"Huawei has encouraged governments worried about its
hardware to check it for back doors," he said. "However, the
fact that there's no back door doesn't mean the hardware can't
be compromised later. Hardware needs to be updated just like
software and to date there's no automated way to test hardware
updates for back doors."
And while the National Broadband Network may on the surface
be a countrywide Internet network it is still a strategic asset,
run by a government company. That means it's logical for the
government to be wary about which companies supply equipment for
it and build it.
"It's easy to separate work and home computers and things
like that," said Melanie Symons, who runs an Australia-based
consulting company hunting for attackers on clients' networks.
"But in reality the distinction between home and work computers
is not that clear cut. There's a risk of malware moving from
home computers to corporate networks, and it's not uncommon for
hackers to target home computers for this reason."
Researchers and analysts said the Australian government and
ASIO are unlikely to reveal what prompted them to block Huawei.
"This is down to one of two things," said one Sydney-based
security researcher who declined to be named because his company
had not authorized him to speak. "The accusations are completely
baseless - or our intelligence agencies have information about
Huawei."