Between 2009 and 2011, Vodafone Italia discovered the presence of some security holes in some Huawei systems used for its network. It is not clear if the vulnerability was inserted on purpose by Huawei to create a secondary access (backdoor), as hypothesized by a Bloomberg investigation, or if it was simply the result of a design error, as claimed by Huawei, Vodafone and various experts. computer scientists. The problem was solved by intervening on existing systems, without having to replace them.
The news released by the Bloomberg investigation, and partly denied by Vodafone, will probably bring new problems to Huawei, a large Chinese private company that produces smartphones and equipment for telephone networks. The company is accused by the US government of inserting systems into its systems that allow the Chinese government to spy on other countries. Huawei has always denied these circumstances and so far no hard evidence has been produced in the United States to prove it. Huawei is one of the main suppliers of the most important telephone companies in the world (outside the United States) and its equipment is used for the construction of 5G, the new generation of cellular networks for data transmission.
According to the Bloomberg article, Vodafone Italia became aware of the presence of vulnerabilities between 2009 and 2011: they affected some routers (the devices we keep at home to connect to the Internet) and other equipment to manage the infrastructure of its network. The investigation says that the security holes continued to exist after 2012 and that they were also found in other countries where Vodafone is present: Portugal, Spain, Germany and the United Kingdom. According to sources consulted by Bloomberg, Vodafone continued to use Huawei supplies because they were cheaper and because it would have been very expensive to replace those affected by security problems.
Vodafone responded to the Bloomberg investigation by admitting the presence of the vulnerabilities, but contesting the reconstruction of the times in the article and denying other circumstances. The company claims that the problems were resolved between 2011 and 2012. Huawei gave a similar version, saying it took action immediately after Vodafone's report to secure its equipment. According to Bloomberg, however, he was reluctant to fix the problem for routers, due to a function based on the Telnet protocol used for their remote configuration.
To the technology head ZDNet, Huawei also said that the security holes were the result of errors and not of a conscious choice, which would have involved the decision to exploit them to spy on the data circulating on them: “The definition of 'backdoor' it involves the deliberate insertion of vulnerabilities that can be exploited, but this was not the case. These were errors that were rectified “.
The Bloomberg article speaks openly of “backdoors,” but in fact there is no way with the information available so far to determine whether it was a conscious choice or a mistake. The vulnerabilities described have only some characteristics similar to the systems used to create secondary access, without the knowledge of who is on the network and who could then be spied on.
Following the espionage allegations made in the United States, Vodafone at the beginning of the year announced that it had suspended the purchase and installation of new Huawei equipment pending clarification. Later, like other operators, he announced that a possible ban on Huawei by governments could slow down its plans to install the new 5G networks. As Huawei itself says, even Vodafone often remembers that to date no concrete evidence has been produced to support the suspicions about the Chinese company.
In recent months, the United States has put pressure on European governments to obtain a review of their plans for the development of 5G which also includes the use of Huawei's equipment. Security experts have questioned the reliability of the Chinese company's equipment, especially on the basis of some problems and the way in which they were dealt with by Huawei.
The new case could complicate Huawei's operations in Europe, one of the continents where it does the most business, and once again demonstrates the great strategic and commercial interests behind the development of 5G. The next-generation network will not only offer much faster mobile connections to the Internet, but it will become a key part of the data management of countries and their infrastructures. In addition to security concerns, whether they are true or unfounded, the US government has a strong interest in hindering Huawei to favor its cellular network system manufacturers. The same goes for Europe where there are companies such as Ericsson and Nokia that produce equipment for mobile operators, but at costs often higher than those offered by Huawei, which are also very competitive technologically, and which could allow them to arrive more quickly. to the construction of 5G networks.
