This piece, by Peter Varnish, originally appeared in Homeland Security Today on August 27, 2019.
“We’re not going to do business with Huawei,” President Donald Trump told reporters outside the White House this month. “That doesn’t mean we won’t agree to something if and when we make a trade deal.” But should Chinese telecom giant Huawei be used as a bargaining chip?
China’s cyber espionage capabilities are notorious. Just last week, an investigation by the Wall Street Journal turned up evidence of Huawei intercepting encrypted communications to help African governments spy on political opponents.
All over the world, the Communist Party of China (CPC) seeks to infiltrate various entities with the express purpose of siphoning information back to Beijing. For example, China financed the African Union headquarters, with Huawei supplying the information and communication technology, then made off with sensitive information from the AU’s headquarters for five years through suspicious nightly data transfers, as reported by Le Monde and the Financial Times.
Understanding the risks associated with Huawei networks is crucial when determining how to best secure Western interests. In April, news broke that Europe’s largest phone company, Vodafone, discovered “hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy.” U.S. allies and tech companies must consider the real cost of doing business with Huawei and insist the Chinese tech company embrace network interoperability to avoid a future with Huawei as the sole global supplier for wireless network technology, without third-party scrutiny. Huawei is regularly subsidized by the Chinese government, allowing it to sell at below-market prices and cut out competitors.
The link between Huawei and the People’s Republic of China can hardly be disguised. While Huawei spokespeople repeatedly claim the company is “employee-owned,” China’s 2017 National Intelligence Law stipulates that “any organization or citizen shall support, assist and cooperate with the state intelligence work in accordance with the law.”
Recent investigations by the Henry Jackson Society uncovered connections between Huawei employment records and Chinese National Security experience. The research, on which I consulted, found that 194 individuals who currently or formerly were employed by Huawei also had experience in the national security sector. Nine individuals, in particular, were found to be particularly threatening to international cybersecurity. It should come as no surprise, then, that reports across Europe and the U.S. show links between Huawei and thousands of LinkedIn users being solicited to share trade secrets with Chinese intelligence agents masquerading on the site.
As we venture into the fifth generation of mobile technology (5G), the possibilities for technological integration stretch far beyond what we can even imagine today. Numerous innovations in the fields of transportation, healthcare equipment, and household consumer goods are already in the pipeline. When considering the evolving Internet of Things (IoT) and its vulnerabilities, the reliability and trustworthiness of our networks must be the primary objective. A new study by physicists at the Georgia Institute of Technology and Multiscale Systems, Inc., shows that hackers could gridlock entire cities using connected cars, for instance.
World leaders are beginning to understand the gravity of the issue. Former Australian Prime Minister Malcolm Turnbull’s warning to Britain that the potential risks posed by Chinese telecoms giants “cannot be effectively mitigated” speaks to the severity of violations he witnessed firsthand. He called Huawei a “high-risk vendor” after a thorough effort by Australian intelligence agencies failed to determine any possible engineering solutions to thwart the risks that accompany the presence of Huawei gear in national communications infrastructure. Britain remains the only country of the ‘Five Eyes’ Security Alliance that has approached Huawei’s involvement in 5G as a manageable risk, but that may change under new Prime Minister Boris Johnson. All other members of the Alliance — U.S., Canada, Australia, and New Zealand — are united in their security concerns about China’s involvement in 5G build-out. The UK’s divergent stance risks its access to future intelligence that is vital to the safety of its people, because Five Eyes members are unlikely to risk transmitting sensitive information over an insecure network.
Those who choose to ignore the red flags with Huawei are underestimating the consequences of giving China direct access to network infrastructure. And once 5G is operational, it will be technically difficult and practically impossible to remove Huawei equipment from the network. Now is the time for the US and its allies to come together and develop secure solutions for the construction of 5G networks. Interoperability across the supply chain would ensure the safeguard of third-party scrutiny and prevent Huawei from sinking its 5G competitors through rejection of a shared build platform. It’s the only way to avoid drowning under Huawei’s rising tide.
Dr. Peter Varnish, OBE, FREng, is a Visiting Professor at Coventry University and is an independent electronics and weapons engineer specializing in defense and security technologies.