Connect with us

Tech

New tech scare over NATO ally after Russian tapping fiasco

Published

on

The military in NATO ally Germany is offering communications apps to soldiers and other federal employees on Chinese phone maker Huawei‘s app store — even though the telecoms giant has been deemed a security risk by the U.S. and European Union, Newsweek can reveal.

Security analysts expressed concern at the potential for breaches of the system and said it raised new questions over Germany’s commitment to information security after the embarrassing recent tapping of a top-level German security discussion by Russia.

BWI GmbH, the dedicated IT provider of the German army, known as the Bundeswehr, launched the BundesMessenger app for up to five million federal employees last December on Huawei’s AppGallery, as well as on Google‘s Android and Apple‘s iOS stores. Since 2021 about 100,000 German soldiers are using another app, BwMessenger, also developed by BWI, that is also on the Huawei AppGallery, the company told Newsweek.

“With BwMessenger you can communicate about official business just as you would in your private life,” BWI’s website says. About BundesMessenger it says, “Sovereignty, security and freedom. A free messenger for the public sector.”

Germany’s Defense Ministry told Newsweek the apps were secure, but security specialist Nathalie Vogel said there were clear risks.

“They are repeating the same mistakes over and over again and they are threatening allies by giving access to the Chinese,” said Vogel, a Research Fellow at the Center for Intermarium Studies of the Institute of World Politics in Washington, D.C.

“You wonder if anyone at the Ministry of Defense reads the domestic intelligence reports, specifically the chapters related to Chinese operations,” she told Newsweek, referring to warnings of Chinese espionage from Germany’s domestic intelligence security agency, the Office for the Protection of the Constitution.

The logo of the Chinese technology company Huawei at the Vivatech startup and innovation fair in Paris, June 14, 2023. Huawei tech is used widely by European NATO allies despite being sanctioned by the U.S….


Placing vital military and federal communications apps on Huawei’s AppGallery highlighted German security weaknesses, said telecoms analyst John Strand.

“When we looked at the app site, there’s no doubt they have a sloppy security culture,” said Strand, the founder of Denmark-based Strand Consult which tracks telecoms worldwide.

“If China has access to the Huawei version, they probably know how the Android and Apple version works,” said Strand.

Hacking Fiasco

Germany currently faces embarrassment over its security after Russian media leaked a recording of four officers of the Luftwaffe air force discussing how to use Germany’s Taurus missile system in Ukraine and giving information about NATO allies the U.K. and France.

The German Defense Ministry and the BWI said the apps on the Huawei store were secure.

“All messages are encrypted end-to-end with the personal key of the respective user,” a spokesperson for the Ministry of Defense told Newsweek via email. “When used, the data is processed exclusively in Germany. There are no official Huawei devices in the ministry’s official business,” the spokesperson said.

A spokesperson for Germany‘s Interior Ministry, which oversees its security agencies, said via email the ministry “does not use BundesMessenger and it is not available in the app stores offered on official devices” by the ministry. Germany had “no central ban” on China-made software or hardware, the person noted.

BWI spokesperson Benjamin Walter said it was offering soldiers the BwMessenger app on Huawei “because some soldiers have Huawei devices in their private lives. This is intended to enable the official use of private devices for public information.”

The app was developed via open source, meaning vulnerabilities could quickly be identified and erased, and it was offered for Huawei’s HarmonyOS operating system on the basis of Android: “This is the basis currently used in Germany for the use of Huawei mobile devices,” Walter said.

Lucas Lundgren, a Swedish IT specialist, said he doubted the apps were secure.

“Just because it’s open source doesn’t mean it’s necessarily safe. We don’t know how it’s going to look on the Huawei side. They have the ingredients, and at any time you can inject stuff into an application,” Lundgren said.

Emily Harding, Senior Fellow at the Center for Strategic and International Studies in Washington, D.C. said, “Soldiers shouldn’t be using Huawei phones, period. Huawei is subject to Chinese government laws that Chinese companies must provide information to the [Chinese Communist Party].”

“Even if these are ‘personal’ devices, if they are bringing them on base or, worse, on deployment, they could be funneling sensitive information back to China.” Many apps deliver location data, which is also dangerous for other government employees because it allows the Chinese intelligence services to establish patterns of life and potential recruitment opportunities, Harding said.

The German government of Chancellor Olaf Scholz has repeatedly delayed a decision on the presence of Huawei and other Chinese IT providers in Germany’s critical infrastructure, despite growing pressure from the U.S. and the EU. Germany’s main telecoms provider Deutsche Telekom has lobbied against a ban.