American officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets.
But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks.
The agency pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heart, according to N.S.A. documents provided by the former contractor Edward J. Snowden. It obtained information about the workings of the giant routers and complex digital switches that Huawei boasts connect a third of the world’s population, and monitored communications of the company’s top executives.
One of the goals of the operation, code-named “Shotgiant,” was to find any links between Huawei and the People’s Liberation Army, one 2010 document made clear. But the plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the N.S.A. could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.
“Many of our targets communicate over Huawei-produced products,” the N.S.A. document said. “We want to make sure that we know how to exploit these products,” it added, to “gain access to networks of interest” around the world.
The documents were disclosed by The New York Times and Der Spiegel, and are also part of a book by Der Spiegel, “The N.S.A. Complex.” The documents, as well as interviews with intelligence officials, offer new insights into the United States’ escalating digital cold war with Beijing. While President Obama and China’s president, Xi Jinping, have begun talks about limiting the cyber conflict, it appears to be intensifying.
The N.S.A., for example, is tracking more than 20 Chinese hacking groups — more than half of them Chinese Army and Navy units — as they break into the networks of the United States government, companies including Google, and drone and nuclear-weapon part makers, according to a half-dozen current and former American officials.
If anything, they said, the pace has increased since the revelation last year that some of the most aggressive Chinese hacking originated at a People’s Liberation Army facility, Unit 61398, in Shanghai.
The Obama administration distinguishes between the hacking and corporate theft that the Chinese conduct against American companies to buttress their own state-run businesses, and the intelligence operations that the United States conducts against Chinese and other targets.
American officials have repeatedly said that the N.S.A. breaks into foreign networks only for legitimate national security purposes.
A White House spokeswoman, Caitlin M. Hayden, said: “We do not give intelligence we collect to U.S. companies to enhance their international competitiveness or increase their bottom line. Many countries cannot say the same.”
But that does not mean the American government does not conduct its own form of corporate espionage with a different set of goals. Those concerning Huawei were described in the 2010 document.
“If we can determine the company’s plans and intentions,” an analyst wrote, “we hope that this will lead us back to the plans and intentions of the PRC,” referring to the People’s Republic of China. The N.S.A. saw an additional opportunity: As Huawei invested in new technology and laid undersea cables to connect its $40 billion-a-year networking empire, the agency was interested in tunneling into key Chinese customers, including “high priority targets — Iran, Afghanistan, Pakistan, Kenya, Cuba.”
