What's new

Huawei stole our tech and created a 'backdoor' to spy on Pakistan, claims IT biz

313ghazi

ELITE MEMBER
Joined
Mar 14, 2017
Messages
12,932
Reaction score
45
Country
Pakistan
Location
United Kingdom
Allegations of purloined trade secrets, unfair competition, national security threats, and more packed into lawsuit

A California-based IT consultancy has sued Huawei and its subsidiary in Pakistan alleging the Chinese telecom firm stole its trade secrets and failed to honor a contract to develop technology for Pakistani authorities.

The complaint [PDF], filed on Wednesday in the US District Court in Santa Ana, California, describes how Business Efficiency Solutions, LLC, (BES) began working with Huawei Technologies in 2016 to overhaul the IT systems available to the Punjab Police Integrated Command, Control and Communication Center (PPIC3) of Lahore, capital of the Punjab province of Pakistan.

The legal filing claims, among other things, that Huawei has used BES’s Data Exchange System "to create a backdoor and obtain data important to Pakistan’s national security and to spy on Pakistani citizens."

The PPIC3 project, as described in the legal filing, was part of an initiative formulated by the Punjab Safe Cities Authority (PSCA), a provincial government body. Its goal was to modernize the technology available to local police.


The request for proposal (RFP) called for proposals describing the design of eight software systems:
  • Data Exchange System (DES), for storing data from national identity cards, excise and customs, cellular providers, land and tax records, immigration and passport records, and the like.
  • Building Management System (BMS), for managing building security, environmental systems, and access.
  • Resource Management System (RMS), for managing police resources, like vehicles and equipment.
  • Digital Media Forensics Center (DFC), for managing captured video and still imagery from the police network.
  • Learning Management System (LMS), for workforce training and support.
  • Media Monitoring Center (MMC), for monitoring the internet (social media), print, and broadcast.
  • Field Assets, including Mobile Emergency Command and Control Vehicles (ECV), for keeping track of command vehicles, handheld and laptops for field use, body cameras, and covert miniature cameras.
  • Unmanned Aerial Vehicles (UAV), for managing industrial-level drones for real-time surveillance.

According to the complaint, authorities in Pakistan invited various companies to submit proposals, including Motorola, Nokia, and Huawei.

Huawei, it's alleged, lacked the technical capability to provide the systems called for by the RFP and so, in March 2016, it partnered with BES to develop the eight software systems. BES's work on the project is said to have been instrumental in PSCA's decision to award the project to Huawei for $150m.
Huawei also began to use one of BES’s software systems to establish a 'backdoor' from China into Pakistan that allowed Huawei to collect and view data important to Pakistan’s national security and other private, personal data on Pakistani citizens

Huawei is said to have obtained BES's low-level designs for these systems and then resisted paying BES while seeking similar police modernization contracts – without involving or paying BES – in several other cities in Pakistan, and in Qatar, Dubai, the United Arab Emirates, and Saudi Arabia.

"After Huawei had BES’s valuable trade secrets and other intellectual property in its possession, Huawei used its knowledge of BES’s technology to begin secretly procuring certain portions of BES’s software systems from other sources – including from vendors BES identified to Huawei," the complaint says.

"Huawei also began to use one of BES’s software systems to establish a 'backdoor' from China into Pakistan that allowed Huawei to collect and view data important to Pakistan’s national security and other private, personal data on Pakistani citizens."

"Backdoor" may not be the right term, though it's difficult to be certain without knowing the details of the system's technical architecture. In the complaint, the term is used to describe a duplicate of the PSCA's DES running on servers based in a Huawei facility in Suzhou, China. Whether that copy arises from a covert remote access capability or an overt replication option under indifferent or permissive security policy isn't clear.

Pattern of behavior claimed

Among the exhibits entered into evidence with the complaint is a March 28, 2017 email from BES CEO and founder Javed Nawaz asking a contact at Huawei to obtain written approval from the Punjab police (PPIC3) that they're willing to store their sensitive data in China.

"In regards to setting up the environment in Suzhou in China, we want to insure [sic] that PPIC3 has no objection in transfer of this technology outside of PPIC3 for security reasons," the message from Nawaz says. "Please get an approval from PPIC3, in writing, prior to us performing this function. Our staff is on way [sic] to PPIC3 and will await instructions before updating DES on to servers in China."

The reply received the following day said that no approval is necessary. The complaint indicates that Huawei subsequently said it had received approval from the Pakistani government, but provides no documentation to that effect.

"Huawei threatened to terminate the agreements between the parties and withhold all payments owed to BES unless BES installed the duplicate DES system in China," the complaint says. "In light of Huawei’s affirmative representations that they had the approval of the Pakistani government, the duplicate DES system was installed in China.

"On information and belief, Huawei-China uses the proprietary DES system as a backdoor from China into Lahore to gain access, manipulate, and extract sensitive data important to Pakistan’s national security."

The Register asked multiple communications personnel from Huawei to comment on these claims, and we received no response.
However, we cannot recall any company ever admitting to operating a deliberately backdoored system – we assume Huawei would describe the alleged DES duplicate, if still operational, as a test environment and would insist it keeps its client's data safe.

When such allegations have surfaced in the past, Huawei has denied them. Last year, during the Trump administration, US authorities claimed that Huawei can covertly access its telecom equipment. But evidence to that effect, if it exists, has not been made public.

The BES lawsuit cites a past instance, described in an April 8, 2019 BBC report, in which the PSCA told Huawei to remove Wi-Fi cards from a CCTV system in Pakistan because the cards had been set up to provide remote diagnostic information – which a Huawei representative at the time characterized as "a misunderstanding" and the BES complaint describes as a "covert backdoor to monitor Pakistan citizens using Wi-Fi chips."

The BES legal filing also points to trade secret theft indictments against Huawei in 2019 and in 2020 by the US Justice Department to bolster its claims.

It's also possible that Huawei did receive approval from Pakistan to maintain a clone of a sensitive police database in China and has chosen not to provide that to BES. In that case, the redundant DES in China might be better described as an unusual display of trust for the storage of sensitive information than as a "backdoor."

In any event, in 2018, Huawei filed an arbitration petition in Islamabad, Pakistan, and obtained an injunction preventing BES from terminating its contract with the telecom firm. BES last September filed its own arbitration petition to recover damages and is now pursuing its trade secret and unfair competition claim in California. ®

 
Last edited by a moderator:
. . .
American: Huawei monitored Pakistan.
Pakistani: How do you know?
American: Because I monitored you
Oh boy this meme comes to mind
Meanwhile Pakistanis:
hqdefault.jpg
 
Last edited:
.
China's Huawei Sued for using US California Company to Spy on Pakistan Using Safe City Project

1628863532491.png


Business Efficiency Solutions (BES) LLC, a California-based company, has moved to California Federal Court against China's Huawei for stealing its trade secrets during a collaborative project for the Pakistani government and spying on Pakistani police and law enforcement agencies.

In a petition lodged by Akin Gump Strauss Hauer and Feld LLP, a leading global law firm, BES, contended that the Chinese tech giant used its technology to create a “backdoor” to collect sensitive data that was important to Pakistan’s national security.


ALSO READ: 2 Companies Allegedly Involved in Rs. 6 Billion Mega Tax Fraud

For the unversed, a backdoor means a feature or defect of a computer system that allows surreptitious unauthorized access to data.

The petition alleged that Huawei subcontracted BES in 2016 for $150 million for developing software systems to equip Pakistan’s police and other law enforcement agencies with the latest technologies.



BES developed 8 software systems that collect data from government departments, control access to buildings, monitor social media, and manage drones along with performing other major tasks.

The software systems included proprietary code, designs, diagrams, and other information that are considered valuable trade secrets by BES.

Huawei forced BES to send software systems to the company in China for testing. Although BES reluctantly agreed to Huawei’s demand, it later terminated its authorization access to the software systems after the Chinese company restricted its access to its testing laboratory.

The Chinese tech giant has neither returned the software systems nor uninstalled them yet despite agreeing to do so earlier.

Later, Huawei also pressurized BES to install its data-aggregation software in its testing laboratory, this time not merely for testing purposes but with full access to the Lahore Safe City project.

BES installed the software after Huawei claimed that the Pakistani government had granted it complete access to the Lahore Safe City project.

This is just one instance, the Californian company has accused Huawei of using its software systems in similar “Safe City” projects in Pakistan to create a backdoor to gain access, manipulate, and extract sensitive data important to Pakistan’s national security.

Via Reuters

 
.
. .
Huawei is an integrator. So a statement like "Huawei forced BES to send software systems to the company in China for testing" is just an ignorant sentence. All integrators do that. Why would they ship somebody else' software without testing it themselves?
 
.
Huawei is the world's leading telecom company, but it has to rely on US companies to steal information, Huawei can't even set up a spy studio in Pakistan, so they have to send the software back to China for modification. The United States, with a lower level of communication, could monitor the entire European Union and treat Ms. Merkel's phone as a radio program.

Damn it, our spies are so bad. Maybe we should buy the Israeli software. :rofl: :rofl: :rofl:
 
.
China's Huawei Sued for using US California Company to Spy on Pakistan Using Safe City Project

View attachment 769404

Business Efficiency Solutions (BES) LLC, a California-based company, has moved to California Federal Court against China's Huawei for stealing its trade secrets during a collaborative project for the Pakistani government and spying on Pakistani police and law enforcement agencies.

In a petition lodged by Akin Gump Strauss Hauer and Feld LLP, a leading global law firm, BES, contended that the Chinese tech giant used its technology to create a “backdoor” to collect sensitive data that was important to Pakistan’s national security.


ALSO READ: 2 Companies Allegedly Involved in Rs. 6 Billion Mega Tax Fraud

For the unversed, a backdoor means a feature or defect of a computer system that allows surreptitious unauthorized access to data.

The petition alleged that Huawei subcontracted BES in 2016 for $150 million for developing software systems to equip Pakistan’s police and other law enforcement agencies with the latest technologies.



BES developed 8 software systems that collect data from government departments, control access to buildings, monitor social media, and manage drones along with performing other major tasks.

The software systems included proprietary code, designs, diagrams, and other information that are considered valuable trade secrets by BES.

Huawei forced BES to send software systems to the company in China for testing. Although BES reluctantly agreed to Huawei’s demand, it later terminated its authorization access to the software systems after the Chinese company restricted its access to its testing laboratory.

The Chinese tech giant has neither returned the software systems nor uninstalled them yet despite agreeing to do so earlier.

Later, Huawei also pressurized BES to install its data-aggregation software in its testing laboratory, this time not merely for testing purposes but with full access to the Lahore Safe City project.

BES installed the software after Huawei claimed that the Pakistani government had granted it complete access to the Lahore Safe City project.

This is just one instance, the Californian company has accused Huawei of using its software systems in similar “Safe City” projects in Pakistan to create a backdoor to gain access, manipulate, and extract sensitive data important to Pakistan’s national security.

Via Reuters


Strange news. An American company fights for the benefits of Pakistan and the foe is Pak's best buddy? Or another mud sling shot aimed at China to disrespect and to drive a wedge into the cooperations China and its partners have built?
Why don't Pakistan, China, Russia, France, Germany and other countries sue the California company for building backdoors that jeorpadize national security? What is this CA company's mission? Get the US government to investigate its own company for cyber crimes before it yaps another complaint about Russian and Chinese hackers.
 
. .
Huawei is the world's leading telecom company, but it has to rely on US companies to steal information, Huawei can't even set up a spy studio in Pakistan, so they have to send the software back to China for modification. The United States, with a lower level of communication, could monitor the entire European Union and treat Ms. Merkel's phone as a radio program.

Damn it, our spies are so bad. Maybe we should buy the Israeli software. :rofl: :rofl: :rofl:

No, it says Huawei stole BES software, tweaked it by adding a backdoor, and put it on Pakistani Government machines.

MeanFloweryBeardeddragon-size_restricted.gif

just another Chinese control victory
 
Last edited:
.
No, it says Huawei stole BES software, tweaked it by adding a backdoor, and put it on Pakistani Government machines.

MeanFloweryBeardeddragon-size_restricted.gif

just another Chinese control victory

pretty sure BES is a small / medium Pakistani American owned enterprise.
Belt and Road v1 and CPEC 2.3 is infested with spyware ...its just the price of Chinese investment.

I don't even blame them they need to keep an eye on billions they're investing in some very risky countries.
 
. .
Last edited:
.

Pakistan Affairs Latest Posts

Back
Top Bottom