Spain confirms using Huawei to store judicial wiretaps, denies security risk
MADRID – Spain said it only relies on Huawei Technologies to operate part of its wiretapping system, and dismissed any security risks.
Huawei storage within the so-called Sitel judicial wiretapping system 'represents a minor part of a watertight, audited, isolated and certified system in compliance with the national high-level security scheme,' a government official said in a statement on July 18 in response to questions from Bloomberg News.
The comments follow recent media reports saying that the government uses Huawei technology to help operate Sitel. The reports led US Senator Tom Cotton and Representative Rick Crawford to write to Director of National Intelligence Tulsi Gabbard earlier this week to request that Washington pull back on sharing intelligence with Spain.
Even though Spain has moved away from Huawei as a 5G network vendor, the country's reliance on the company for a key intelligence function creates a gaping security concern for the the US and its allies, Mr Cotton wrote.
In July 18's statement, Spain's government said its intelligence agency CNI is not included in the Huawei contract and that Huawei equipment is not used for any classified information. Sitel is used by security forces that report to the interior affairs ministry.
'The Sitel system is completely isolated from any external environment and continuously monitored by a dedicated cybersecurity team with capabilities in traffic analysis, network management and perimeter security capabilities, supported by cybersecurity personnel' from the security forces, the government said. 'The integration of Huawei-branded storage into Sitel has therefore not posed any risk to the system's security.'
European countries are increasingly moving to exclude Huawei and other telecom vendors with ties to hostile governments from their networks. Germany, Portugal, the UK, Sweden and France have already taken steps to block equipment seen as a security risk based on its country of origin. Equipment made by Huawei and other Chinese vendors has also been blacklisted in the US. BLOOMBERG
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Straits Times
10 hours ago
- Straits Times
Chinese academic in Australia slams 'ridiculous' Hong Kong bounties
Find out what's new on ST website and app. The bounties issued by Hong Kong range from about US$25,000 (S$32,000) to US$125,000, depending on the individual. Sydney - An academic in Australia who was among 19 people that Hong Kong issued bounties for has criticised the 'ridiculous' arrest warrants and warned that the region was trying to exert its power beyond its borders. Authorities from the Chinese city announced cash rewards on July 25 for information leading to the arrest of 19 overseas activists involved in Hong Kong Parliament – a pro-democracy group established in Canada. The bounties range from about US$25,000 (S$32,000) to US$125,000, depending on the individual. Among those named was Prof Feng Chongyi, a China studies professor at the University of Technology Sydney. 'It's certainly ridiculous,' he told the Sydney Morning Herald in an interview published July 26. 'They've got the power, they've got the influence overseas, they want to control everything even overseas.' Prof Feng told the publication he joined the group as an academic. Top stories Swipe. Select. Stay informed. Singapore Almost half of planned 30,000 HDB flats in Tengah to be completed by end-2025: Chee Hong Tat Asia Death toll climbs as Thai-Cambodia clashes continue despite calls for ceasefire Multimedia Lights dimmed at South-east Asia's scam hub but 'pig butchering' continues Singapore Black belt in taekwondo, Grade 8 in piano: S'pore teen excels despite condition that limits movements Asia Where's Jho Low? Looking for 1MDB fugitive at a Shanghai luxury estate Asia Thousands rally in downtown Kuala Lumpur calling for the resignation of PM Anwar Life SG60 F&B icons: Honouring 14 heritage brands that have never lost their charm Business Can STI continue its defiant climb in second half of 2025? 'I feel very sad, I'm extremely upset that the autonomous Hong Kong has been destroyed,' he added. 'It's unbearable for me.' 'Hong Kong was such a beautiful, dynamic place – the best part of Chinese culture, the combination of the East and the West.' The former British colony – handed back to China in 1997 – has seen political dissent quashed since Beijing imposed a sweeping national security law in 2020 following huge and at times violent pro-democracy protests. Prof Feng, who has conducted research into China's pro-democracy groups, was detained for a week in China in 2017. At the time, his lawyer said he was 'suspected of harming national security and could not leave China'. The July 25 announcement of bounties was the fourth from Hong Kong authorities, which has previously drawn strong criticism from Western countries. The bounties are seen as largely symbolic given that they affect people living abroad in nations unlikely to extradite political activists to Hong Kong or China. Australian Foreign Minister Penny Wong said on July 26 she strongly objected to the arrest warrants. 'Freedom of expression and assembly are essential to our democracy,' she said on social media platform X. 'We have consistently expressed our strong objections to China and Hong Kong on the broad and extraterritorial application of Hong Kong's national security legislation, and we will continue to do so.' The UK also condemned the move as 'another example of transnational repression', according to a statement from British Foreign Secretary David Lammy and Home Secretary Yvette Cooper. The Hong Kong government hit back on July 26, calling Britain's reaction 'untrue and biased'. 'Those absconders hiding in the UK and other Western countries are wanted because they continue to blatantly engage in activities endangering national security,' it said, demanding that Britain 'stop interfering in Hong Kong matters which are purely China's internal affairs'. AFP
Straits Times
10 hours ago
- Straits Times
Microsoft probing whether cyber alert tipped off Chinese hackers
Find out what's new on ST website and app. Microsoft is looking into whether a leak from its early alert system led to the widespread exploitation of vulnerabilities in the SharePoint software. Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, according to people familiar with the matter. The technology company is looking into whether the programme – designed to give cybersecurity experts a chance to fix computer systems before the revelation of new security concerns – led to the widespread exploitation of vulnerabilities in its SharePoint software globally over the past several days, the people said, asking not to be identified discussing private matters. 'As part of our standard process, we'll review this incident, find areas to improve, and apply those improvements broadly,' a Microsoft spokesperson said in a statement, adding that partner programmes are an important part of the company's security response. The Chinese embassy in Washington referred to comments made by foreign affairs ministry spokesman Guo Jiakun to media earlier this week, opposing hacking activities. 'Cybersecurity is a common challenge faced by all countries and should be addressed jointly through dialogue and cooperation,'' Mr Guo said. 'China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues.' Microsoft has attributed SharePoint breaches to state-sponsored hackers from China , and at least a dozen Chinese companies participate in the initiative, called the Microsoft Active Protections Program, or MAPP, according to Microsoft's website. Members of the 17-year-old programme must prove they are cybersecurity vendors and that they don't produce hacking tools like penetration testing software. After signing a non-disclosure agreement, they receive information about novel patches to vulnerabilities 24 hours before Microsoft releases them to the public. A subset of more highly-vetted users receive notifications of an incoming patch five days earlier, according to Microsoft's MAPP website. Mr Dustin Childs, head of threat awareness for the Zero Day Initiative at cybersecurity company Trend Micro, says Microsoft alerted members of the program about the vulnerabilities that led to the SharePoint attacks. 'These two bugs were included in the MAPP release,' says Mr Childs, whose company is a MAPP member. 'The possibility of a leak has certainly crossed our minds.' He adds that such a leak would be a dire threat to the program, 'even though I still think MAPP has a lot of value'. Victims of the attacks now total more than 400 government agencies and corporations worldwide, including the US's National Nuclear Security Administration, the division responsible for designing and maintaining the country's nuclear weapons. For at least some of the attacks, Microsoft has blamed Linen Typhoon and Violet Typhoon, groups sponsored by the Chinese government, as well as another China-based group it calls Storm-2603. In response to the allegations, the Chinese Embassy has said it opposes all forms of cyberattacks, while also objecting to 'smearing others without solid evidence'. Mr Dinh Ho Anh Khoa, a researcher who works for the Vietnamese cybersecurity firm Viettel, revealed that SharePoint had unknown vulnerabilities in May at Pwn2Own, a conference in Berlin run by Mr Childs' organisation where hackers sit on stage and search for critical security vulnerabilities in front of a live audience. After the public demonstration and celebration, Mr Khoa headed to a private room with Childs and a Microsoft representative, Mr Childs said. Mr Khoa explained the exploit in detail and handed over a full white paper. Microsoft validated the research and immediately began working on a fix. Mr Khoa won US$100,000 (S$128,160) for the work. It took Microsoft about 60 days to come up with a fix. On July 7, the day before it released a patch publicly, hackers attacked SharePoint servers, cybersecurity researchers said. It is possible that hackers found the bugs independently and began exploiting them on the same day that Microsoft shared them with MAPP members, says Mr Childs. But he adds that this would be an incredible coincidence. The other obvious possibility is that someone shared the information with the attackers. The leak of news of a pending patch would be a substantial security failure, but 'it has happened before,' says Mr Jim Walter, senior threat researcher the cyber firm SentinelOne. MAPP has been the source of alleged leaks as far back as 2012, when Microsoft accused the Hangzhou DPtech Technologies, a Chinese network security company, of disclosing information that exposed a major vulnerability in Windows. Hangzhou DPtech was removed from the MAPP group. At the time, a Microsoft representative said in a statement that it had also 'strengthened existing controls and took actions to better protect our information'. In 2021, Microsoft suspected at least two other Chinese MAPP partners of leaking information about vulnerabilities in its Exchange servers, leading to a global hacking campaign that Microsoft blamed on a Chinese espionage group called Hafnium. It was one of the company's worst breaches ever – tens of thousands of exchange servers were hacked, including at the European Banking Authority and the Norwegian Parliament. Following the 2021 incident, the company considered revising the MAPP program, Bloomberg previously reported. But it did not disclose whether any changes were ultimately made or whether any leaks were discovered. A 2021 Chinese law mandates that any company or security researcher who identifies a security vulnerability must report it within 48 hours to the government's Ministry of Industry and Information Technology, according to an Atlantic Council report. Some of the Chinese companies that remain involved in MAPP, such as Beijing CyberKunlun Technology, are also members of a Chinese government vulnerabilities programme, the China National Vulnerability Database, which is operated by the country's Ministry of State Security, according to Chinese government websites. Mr Eugenio Benincasa, a researcher at ETH Zurich's Center for Security Studies, says there is a lack of transparency about how Chinese companies balance their commitments to safeguard vulnerabilities shared by Microsoft with requirements that they share information with the Chinese government. 'We know that some of these companies collaborate with state security agencies and that the vulnerability management system is highly centralised,' says Mr Benincasa. 'This is definitely an area that warrants closer scrutiny.' BLOOMBERG
Business Times
10 hours ago
- Business Times
China's Premier Li Qiang proposes global AI cooperation organisation
[SHANGHAI] Chinese Premier Li Qiang on Saturday (Jul 26) proposed establishing an organisation to foster global cooperation on artificial intelligence (AI), calling on countries to coordinate on the development and security of the fast-evolving technology. Speaking at the opening of the annual World Artificial Intelligence Conference (Waic) in Shanghai, Li called AI a new engine for growth, but adding that governance is fragmented and emphasising the need for more coordination between countries to form a globally recognised framework for AI. The three-day event brings together industry leaders and policymakers at a time of escalating technological competition between China and the United States, the world's two largest economies, with AI emerging as a key battleground. 'Currently, overall global AI governance is still fragmented. Countries have great differences, particularly in terms of areas such as regulatory concepts, institutional rules,' Li said. 'We should strengthen coordination to form a global AI governance framework that has broad consensus as soon as possible,' he said. Washington has imposed export restrictions on advanced technology to China, including the most high-end AI chips made by companies such as Nvidia and chipmaking equipment, citing concerns that the technology could enhance China's military capabilities. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up Despite these restrictions, China has continued making AI breakthroughs that have drawn close scrutiny from US officials. Li did not name the United States in his speech, but he warned that AI could become an 'exclusive game' for a few countries and companies, and said challenges included an insufficient supply of AI chips and restrictions on talent exchange. China wanted to share its development experience and products with other countries, especially those in the Global South, Li said. Waic is an annual government-sponsored event in Shanghai that typically attracts major industry players, government officials, researchers and investors. Tesla CEO Elon Musk, who has in past years regularly appeared at the opening ceremony both in-person and via video, did not speak this year. Besides forums, the conference also features exhibitions where companies demonstrate their latest innovations. This year, more than 800 companies are participating, showcasing more than 3,000 high-tech products, 40 large language models, 50 AI-powered devices and 60 intelligent robots, according to organisers. The exhibition features predominantly Chinese companies, including tech giants Huawei and Alibaba and startups such as humanoid robot maker Unitree. Western participants include Tesla, Alphabet and Amazon. REUTERS
