HackerSecret.com - The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

  • Home
  • Visit Our Shop
  • Download the free App
  • Contact us for Info
VISIT OUR SHOP! CLICK HERE !

Learning From the Vodafone-Huawei Backdoor Scandal

by / Friday, 14 June 2019 / Published in Hacking
Share
Tweet
Pin
0 Shares

Veracode Vodafone Huawei Backdoor April 2019

Yesterday, Bloomberg reported that Vodafone uncovered hidden backdoors in Huawei equipment used for the carrier’s Italian business, which could have given Huawei unauthorized access to Italian homes and businesses. The alleged backdoors were found in 2011 and 2012, and Vodafone told Bloomberg that the issues were resolved at the time.

However, the BBC published a piece this morning in which Vodafone denied the Bloomberg report, citing a spokesperson who says that, “The ‘backdoor’ that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.”

Further, the spokesperson indicated that Bloomberg was incorrect in saying that Huawei could have had unauthorized access to the carrier’s Italian network, nor does Vodafone have evidence of any unauthorized access.

According to the BBC, Vodafone took some time off of deploying Huawei equipment in its core networks until a few issues are resolved – namely that Huawei has been accused of being controlled by the Chinese government, which could pose a security risk. The US encouraged allies not to use the equipment in 5G networks, with Secretary of State Mike Pompeo saying the U.S. wouldn’t be able to work with nations using the Chinese technology.

What’s the Deal with Backdoors?

Backdoors are a method of bypassing authentication or other security controls in order to access a computer system or the data contained on that system. They can exist at the system level, in a cryptographic algorithm, or within an application. Some backdoors are included in software intentionally, however, they can still pose a serious threat if uncovered by the wrong people.

According a paper from Veracode CTO Chris Wysopal and Veracode Chief Research Officer Chris Eng, backdoored software enables attackers to gain access to highly secure systems that are otherwise rigorously locked down and monitored. The network traffic to and from an application backdoor will most often look like typical usage of the networked application.

For instance, the network traffic of an attacker using backdoored blog software will look like the typical web traffic of a blog user. This will enable them to bypass any network IDS protection. Since the backdoored software is installed by the system operator and is legitimate software it will typically bypass anti-virus software protection.

Many attackers will place backdoors in the source code of software that they have legitimate access to simply because it is a challenge and because they can. They have no intention initially of compromising systems where the software will be installed but take the opportunity because they may want to use the backdoor in the future.

Companies like Apple have forsaken backdoors, and has gone as far as to create their hardware without third-party access to ensure an acceptable level of protection for users and their personal information.

Curious to find out if you have backdoors in your code? Get in touch so we can help.

RSS | Veracode Blog

Share
Tweet
Pin
0 Shares
Tagged under: Backdoor, From, Learning, SCANDAL, VodafoneHuawei

Search on the site

Our customers say

Annabel M. – Systems Engineer

 
Samuel D. – Ethical Hacker

 
Karola M. – Influencer

 
Marcus P. – Private Investigator

 
Rosemary S. – Housewife

 
Amit V. – IT Consultant

 
Matthew C. – Entrepreneur

 
Aisha B. – Computer Science student

 
Li W. – IT Analyst

 
Robert C. – Programmer

 

Click here now to visit our Shop!

Click here now to visit our Shop!

Other 2300 users like you have already done it this year!

DOWNLOADED 1316 TIMES!

DOWNLOADED 1316 TIMES!

Download now Hacker Secret our free Android app.

CONTACT US NOW FOR IMMEDIATE SUPPORT!

Contact Us
Write your email address here
Write here how we can help you - we support you immediately for all your needs!

Latest posts

  • How to tell if someone is stealing your wifi

  • How to check saved passwords on Chrome

  • The Computer Security Day

  • What is digital forensics

  • How to install Metasploit in Termux?

## Are you looking for products for hacking, computer security and penetration testing? Do you need to clean up your smartphone, your PC or your site from viruses and malware? Do you need to track down someone or retrieve urgent information? Do you want to buy devices already configured to experiment all the hacking techniques quickly and easily? Do you have special needs in software or hardware? ##

Contact us now … another 2300 users like you have already done it this year!

Click here now!

 

All the techniques, products and services described or contained on this site are intendend for exclusive use of study and professional training and to test the security of own's computer network in accordance with the national legislations on access to computer and online systems. All the services provided on this site (penetration testing, social accounts hardening, Incident Response & CSIRT, MSSP, Cybersecurity Consultancy, etc.) can be provided only with prior written and documented authorization from the owners or their legitimate representatives in accordance with current national regulations .

TOP
New Order