Cybersecurity

NSA Targeted Chinese Firewall Maker Huawei, Leaked Documents Suggest

When the mysterious Shadow Brokers dumped a cache of hacking tools used by an NSA-linked group last week, researchers quickly identified a number of the spy agencies’ targets, including American security companies like Cisco, Juniper, and Fortinet.

But until now, no one noticed that the leaked files suggest the NSA has also been targeting—and was likely able to hack—firewalls made by Huawei, a Chinese manufacturer of network infrastructure often seen as a threat to American companies given the suspicion that the Chinese government might have a backdoor and could spy in its products. The revelation is contained in an instruction file part of the leak.

Within one of the leaked files (TURBO_install-new.txt) there are references to VRP3.30, a version of Huawei’s proprietary operating system. While 3.30 is an older version, it still appears to be popular, according to a search on Shodan, which returns more than 1,600 devices running that version, mostly in China.