Security News > 2021 > December > US distrust of Huawei linked in part to malicious software update in 2012

Suspicions about the integrity of Huawei products among US government officials can be attributed in part to a 2012 incident involving a Huawei software update that compromised the network of a major Australian telecom company with malicious code, according to a report published by Bloomberg.

The snooping code reportedly deleted itself, but Australia's intelligence services decided China's intelligence services were responsible, "Having infiltrated the ranks of Huawei technicians who helped maintain the equipment and pushed the update to the telecom's systems."

Australian intelligence is said to have shared details about the incident with American intelligence agencies, which subsequently identified a similar attack from China using Huawei hardware in the US. The report seeks to provide an evidentiary basis for efforts by the US and other governments to shun Huawei hardware amid global 5G network upgrades and to give that business to non-Chinese firms.

The Register asked Huawei to comment and a spokesperson provided us with a copy of the remarks John Suffolk, Huawei's global cybersecurity officer, offered to Bloomberg.

Yes, there was that dustup with its CFO, resolved to avoid a serious diplomatic row, the US government's trade secret theft lawsuit against Huawei based on T-Mobile's civil lawsuit, and claims that Huawei screwed over a California IT consultancy and backdoored a network in Pakistan.

As far as the US is concerned, Huawei can't be trusted because the Chinese government could, in theory, make demands the company could not refuse.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/12/18/us_huawei_malware/