n further investigation, it transpired that this breach, which had only recently been reported, relates to issues that were found some 10 years ago after Vodafone instructed an independant company to perform diagnostics and fix any bugs, as part of their security measures in 2009/2010.
A backdoor, in cybersecurity terms, is a method of bypassing security controls to access a computer system or encrypted data. It is an important part of technological equipment to allow fixing and servicing.
Vodafone has admitted vulnerabilities, which were diagnosed in 2009 and were resolved in 2011 and 2012, which involved removing a diagnostic function. The ‘back door’ that Bloomberg have referred to is Telnet. This is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet and so to state that this would have given Huawei access to Vodafone’s fixed line network in Italy is not true.
Bloomberg say that this further damages the reputation of Huawei, which is already facing a ream of accusations from the US over the ties to the Chinese Government and allegations of spying. Huawei repeatedly denies that it creates backdoors and says it’s not beholden to Beijing.
However, journalists from the American media company – Bloomberg, said that they saw confidential security reports with their own eyes and it tells a different story.
The US launched investigations about trading with China in 2017 and it imposed tariffs on billions of dollars worth of Chinese products last year and Beijing retaliated in kind. The US and China have been locked in an escalating trade battle since. The US is moving to ban the use of Huawei’s equipment and is lobbying its allies to do the same.
It cannot be a coincidence that suddenly, this allegation is being made about Huawei having access to Vodafone’s client’s networks, when there hasn’t been any evidence of unauthorised access. While backdoors are common in network equipment and software because developers create them to manage the gear, they can be exploited by attackers but one would question that this could be political motivation rather than a breach of data issue.