By Matthew Sparkes
4th March 2008
The UK's communication networks could be at risk from Chinese backdoors
hidden in firmware, according to a security company.
SecureTest believes spyware could be easily built into
Asian-manufactured devices such as switches and routers, providing a
simple backdoor for companies or governments in the Far East to listen
in on communications.
"Organisations should change their security policies and procedures
immediately," says Ken Munro, managing director of SecureTest. "This is
a very real loophole that needs closing. The government needs to act
"Would they buy a missile from China, then deploy it untested into a
Western missile silo and expect it to function when directed at the Far
East? That's essentially what they're doing by installing network
infrastructure produced in the Far East, such as switches and routers,
untested into government and corporate networks."
Late last year MI5 sent a letter to 300 UK companies warning of the
threat from Chinese hackers attempting to steal sensitive data. Reports
at the time suggested that both Rolls Royce and Royal Dutch Shell had
been subjected to "sustained spying assaults".
The issue has been debated by government for some time. In 2001, the
then foreign secretary Robin Cook, warned that international computer
espionage could pose a bigger threat to the UK than terrorism.
Subscribe to InfoSec News