Thursday, May 3, 2018

US cites security risks in clampdown on Chinese tech

US cites security risks in clampdown on Chinese tech

Washington fears spying through back doors in gear from Huawei and peers


TOKYO -- The U.S. is working to keep some technology made in China out of American markets, citing concern about "back doors" that could compromise sensitive information -- a tactic Washington has used itself.
The Federal Communications Commission said Monday it is considering regulations that would bar the use of money from its Universal Service Fund to purchase equipment from companies that pose a security risk to American communications networks. The fund subsidizes telecommunications service to underserved areas.
This seems meant to shut out devices made by Chinese companies such as Huawei Technologies, which is said to have ties to China's military. Washington suspects that Huawei may include back doors in its products at Beijing's behest, an allegation the company denies.
Back doors are mechanisms built into hardware or software that allow access to systems by people other than the intended user, potentially allowing data to be stolen remotely. "Kill switch" functions that can shut down a system are another potential threat. The U.S. government fears that such security holes could be used by foreign spies to intercept valuable information or create chaos.
The Americans' own track record with back doors may have made them more sensitive than most to the risks. An early example is the Clipper chip, an encryption chipset for telephones and computers developed by the National Security Agency with a built-in back door that would let law enforcement agencies decrypt and listen in on communications. The initiative stalled amid public outcry.
Rumors still swirl about the government putting back doors in American-made equipment. It was discovered in 2014 from documents leaked by Edward Snowden, who worked for the Central Intelligence Agency and NSA, that the NSA intercepted Cisco Systems routers in transit and installed surveillance tools before sending them along to their destinations. Senior U.S. officials pushed top executives at such companies as Apple to design back doors for their products.
Though these demands were rebuffed, suspicions still linger. Some security equipment makers state that their products include no U.S. government back doors in an effort to reassure customers.
Back doors installed at the request of foreign governments may also exist in equipment used in countries such as Japan. North Korean hackers are a particular concern. Executive Director Kim Heung-kwang of the South Korean nonprofit North Korea Intellectuals Solidarity, which is well-versed in North Korean cyber operations, said hackers conceal their identities and develop software for Japanese manufacturers.
"Based on their modus operandi, they've absolutely put back doors in," he said. If true, the security implications are grave.