Feeds

ZTE winds down Iran biz after espionage claims

Chinese telecoms equipment firm not touting for new business

SANS - Survey on application security programs

Chinese handset giant ZTE has been forced to clarify that it’s no longer touting for new business in Iran, but remained vague about allegations that it sold the country’s largest telecoms firm a nationwide internet and phone surveillance system.

Shenzhen-headquartered ZTE sold the state-run Telecommunication Co. of Iran (TCI) the kit in 2010 as part of a €98.6m (£82.4m) deal for networking equipment, according to a Reuters report last week which sourced contract documents and interviews with the people involved in the project.

The report claimed that the deal included the ZXMT system for monitoring voice, text messages and internet comms and is even referred to in ZTE marketing material as an “integrated monitoring system” and a “turnkey solution for lawful interception”.

It uses deep packet inspection to monitor, isolate and block internet traffic, the report continued.

While China is Iran’s biggest trading ally and has generally resisted calls for international sanctions, the report claimed that ZTE also sold TCI US products on a 900-page ‘packing list’ – including AV software, switches and monitors – which were subject to strict American sanctions on Iran.

ZTE has hit back with a statement which fails to mention TCI in particular but claims that the firm “always respects and complies with international and local laws wherever it operates”.

ZTE has provided standard communications and network solutions to Iran on a small scale. However, due to local issues in Iran and its complicated relationship with the international community, ZTE has restricted its business practices in the country since 2011. ZTE no longer seeks new customers in Iran and limits business activities with existing customers.

ZTE has strict internal audit and compliance policies in place. The company has a dedicated import and export control committee chaired by a senior executive. It also provides internal and external import and export compliance training to its employees.

The firm did not immediately reply to a request for clarification on whether these “standard communications and network solutions” may have included a surveillance system.

There was also no indication of exactly how ZTE is shrinking its business in Iran.

The case calls to mind similar problems Huawei has had relating to Iran. ZTE’s Shenzhen neighbour was also accused of selling monitoring technology to the Islamic state, this time by US lawmakers, and claimed to have voluntarily restricted its business activities with Iran.

Andrew Milroy, head of Frost & Sullivan’s Australian ICT practice, argued that it can be difficult to prove that tech equipment sold to states like Iran is ultimately being used for military or repressive purposes, but he added that “the market will take care of it”.

“The international community can’t force Chinese companies not to trade [with the likes of Iran] but they can put pressure on,” he told The Reg.

“Chinese firms like Huawei and ZTE recognise that Western markets represent one of their biggest opportunities for growth. They need to be very sensitive about dealing with countries in the line of fire from the West.” ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.