The Chinese technology company Huawei in the past had free access to KPNs network and was able to eavesdrop all calls. De Volkskrant reports this on the basis of a secret report from 2010 that the newspaper holds.
According to the newspaper, Huawei was able to eavesdrop uncontrolled mobile numbers from the telecom provider at that time. Among them were the aircraft of then Prime Minister Balkenende, various ministers and Chinese dissidents. Huawei also knew which numbers were tapped by police and intelligence services.
In a response, KPN says that it has no indication that customer data has been bugged or that customer data has been stolen.
KPN used Huaweis technology in 2009. Six Chinese employees of the company worked at the then headquarters in The Hague. In that year, the telecom provider asked researchers from Capgemini to analyse any risks associated with Huawei and how the Chinese company behaved within KPN. The domestic security service AIVD had warned KPN several times about the risk of espionage by Huawei.
The conclusions turned out to be so alarming that the internal report was kept secret. “The continued existence of KPN Mobile is seriously at risk as permits may be withdrawn or government and industry terminate their trust in KPN if it becomes known that the Chinese government can eavesdrop mobile KPN numbers and shut down the network,” quotes the Volkskrants report. At that time, KPNs mobile network had 6.5 million subscribers.
Unauthorized access from China
Capgeminis report stated that Huawei personnel were able to eavesdrop unauthorized, uncontrolled and unlimited mobile numbers from KPN both within KPN buildings and from China. From China, the company provided unauthorized access to the heart of the mobile network. How many times that happened is not clear, because it was not tracked anywhere.
KPN tells DeccEit this morning that it has never been established that Huawei has stolen customer data from the network or customer systems, or that it has been eavesdropped.
Apart from outsourcing
On the basis of the Capgemini report, KPN decided to refrain from outsourcing the full maintenance of the core mobile network. To this day, the telecom company does the maintenance of its mobile core network itself, with the help of Western suppliers. In order to address the risks in the systems of the network, KPN carried out a plan for improvement.
Huawei Nederland denies against the newspaper that it has withdrawn data from the KPN network. De Volkskrant reported last month that the Chinese company also had unlimited access to the customer data of KPN subsidiary Telfort.
Against the newspaper, the AIVD does not want to respond to the question whether measures have been taken to secure ministerial telephoons.