Credit: ShutterstockEurope’s largest wireless operator, Vodafone Group Plc, revealed to Bloomberg that in 2011 and 2012 it found backdoors in the network equipment its Italian division purchased from Huawei. The issues appear to be resolved now, but Huawei reportedly avoided fixing them initially. Plus, the risk remains that new backdoors could silently appear in new router software versions in the future.
Huawei Backdoor In Vodafone Network
Vodafone previously identified hidden backdoors that could have given Huawei or the Chinese government unauthorized access to Vodafone’s Italian fixed-line network, which provides internet access to millions of customers and businesses. The revelation comes from Vodafone documents from 2009-2011, which Bloomberg received access to, as well as other sources inside Vodafone that were reportedly involved.
In 2011, Vodafone reportedly asked Huawei to remove backdoors from its home internet routers. Huawei offered assurances to Vodafone that it would comply and that the issues were fixed, but when Vodafone further analyzed the software, it learned that the vulnerabilities remained, according to documents seen by Bloomberg.
Additionally, Vodafone learned about backdoors in the optical service nodes, which are responsible for transporting internet traffic over fiber cables. The operator also found hidden backdoors in the broadband network gateways, which handle subscriber authentication and access to the internet, according to people familiar with the matter.
Huawei Defended the Backdoors
Vodafone started buying routers from Huawei in 2008, and in 2009, the operator started suspecting that the hardware had backdoors after it found 26 open security vulnerabilities in the routers. In its 2009 report, Vodafone urged Huawei to remove the telnet service, which could be used to give Huawei access to the devices remotely.
By 2011, Vodafone started a deeper investigation of the routers, including via an independent security auditing firm, which also found the telnet service to be the biggest security threat to Vodafone’s customers. Vodafone noted that many router manufacturers use the telnet service to configure the devices remotely, but Vodafone didn’t allow this due to the security risk it presented.
Vodafone took two months to convince Huawei to disable the service. Huawei then assured Vodafone that the telnet service was disabled, but the operator later found that the service could still be launched. Huawei then said that it couldn’t fully remove the telnet service because it still needs it itself to access the routers for remote configuration. Huawei’s reluctance started worrying Vodafone executives even more because the Chinese company could pose a security threat for the operator’s customers.
Bryan Littlefair, the Chief Security Officer for Vodafone at the time, said in the company’s report from 2011:
“What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it and now refusing to remove it as they need it to remain for ‘quality’ purposes.'”
Are European Operators Prioritizing Profit Over Security?
Despite all the recent accusations, findings and European operators having discovered themselves potential backdoors in Huawei’s network gear, they still defend the Chinese company to regulators.
Vodafone itself has recently said that it will limit purchases from Huawei for core network gear. But this just be a compromise the operator made to pacify European regulators thinking about banning Huawei from European networks altogether.
Otherwise, Vodafone and other European wireless operators have defended Huawei in the wake of established relationships and 5G technology purchases already made/ If they were to discard those investments now, they risk losing significant money. Plus, they would need to install and then train employees on new equipment from other companies, which could put them behind in the race to 5G.
Another way of seeing this is that the European operators are more willing to risk their customers’ data, both home users and businesses, which could be stolen via firmware or hardware-level backdoors, over them losing out on their network investments or access to cheap Chinese-made equipment.