Chinese backdoors "hidden in router firmware"

Backdoors could be hidden in router firmware to allow foreign governments or companies to listen in on communications, warns a security company

Matthew Sparkes
4 Mar 2008

The UK's communication networks could be at risk from Chinese backdoors hidden in firmware, according to a security company.

SecureTest believes spyware could be easily built into Asian-manufactured devices such as switches and routers, providing a simple backdoor for companies or governments in the Far East to listen in on communications.

"Organisations should change their security policies and procedures immediately," says Ken Munro, managing director of SecureTest. "This is a very real loophole that needs closing. The government needs to act fast."

"Would they buy a missile from China, then deploy it untested into a Western missile silo and expect it to function when directed at the Far East? That's essentially what they're doing by installing network infrastructure produced in the Far East, such as switches and routers, untested into government and corporate networks."

Late last year MI5 sent a letter to 300 UK companies warning of the threat from Chinese hackers attempting to steal sensitive data. Reports at the time suggested that both Rolls Royce and Royal Dutch Shell had been subjected to "sustained spying assaults".

The issue has been debated by government for some time. In 2001, the then foreign secretary Robin Cook, warned that international computer espionage could pose a bigger threat to the UK than terrorism.

Read more about: