The whole Huawei-is-a-security–concern issue is convoluted and divisive. The company surpassed Apple to become the world’s second largest smartphone manufacturer, but it’s still considered a security threat by multiple countries, without many carrier deals and bans in the U.S.
To make matters worse, the numerous claims made against the company remain unsubstantiated. If Huawei specifically, and Chinese security threats generally, is the new “red peril,” why isn’t the U.S. acting more strongly?
The U.S. government recently tore ZTE apart, and then confusingly gave the all-clear. One week, ZTE’s deception was a legitimate threat to national security. The next, it’s free to do business in the U.S. again. Go figure.
It’s like the Cold War, only now we’re meant to be afraid of everything Chinese instead of everything Russian. ZTE’s crimes were made public, but we still don’t know for sure what Huawei actually did to make the U.S. skittish. It’s common enough knowledge that Huawei was founded by Ren Zhengfei, a former engineer in the People’s Liberation Army. That alone is not proof of an intent to do wrong.
Genuine security concern, or too good at what it does?
It ends up being a game of adding up the evidence we do see to determine which story stacks higher. Is this all motivated by a desire to block China’s cost advantages in the market over U.S. technology, or a genuine security concern that outweighs any financial competitive advantage?
Huawei’s already up and running, and it’s hardly a secret
If you didn’t know any better, you’d probably assume Huawei never had a presence in the U.S., aside from some enthusiasts who’ve brought phones in. If the company was truly suspected of being an arm of the Chinese government this would make perfect sense.
It turns out at least half a dozen carriers either use or once used Huawei equipment. When Sprint acquired Clearwire in 2012, it agreed to replace any Huawei equipment in its network in response to the October 2012 report by the U.S. House Permanent Select Committee on Intelligence, which deemed Huawei and ZTE as “unsuitable vendors.” As late as 2016, Sprint still hadn’t replaced older Huawei gear, according to reports.
Millions of Americans use Huawei's network infrastructure via regional carriers
As we wrote last year, regional and rural carriers are (very) happily using Huawei, for many as a primary source of network equipment. This includes Union Wireless, who said the Chinese vendor “treated them better than anybody.” Huawei appears to be just as good technically as the competition, and up to 40 percent cheaper. In FCC filings spotted by FierceWireless, Huawei was defended by its U.S. carrier customers, which included Viarero, Union Telephone Company, SI Wireless, James Valley Telecommunications, NE Colorado Cellular, United Telephone Association, and Nemont Telephone Cooperative. Are you sensing a disconnect here?
Historical inconsistency aside, the U.S. may still go further in its curtailing of Huawei’s influence, and other allied countries are also considering their options. Here’s a quick roundup of Huawei’s current status in various countries around the globe:
The Aussies aren’t sure
Huawei is under fresh scrutiny in Australia. The company wants to bid to supply equipment for the country’s next-generation 5G mobile network, and the Australian government is mulling blocking it. All signs point to it being barred from participating in 5G in the country.
5G is particularly important in all countries. It will promote uptake of IoT devices of all kinds, collecting more and more data on devices often very vulnerable to hackers. National cybersecurity issues will only ratchet up this worry further. Australia’s decision on Huawei will have ramifications for years to come.
Huawei's smartphones are popular in Australia, even if their infrastructure is barred
Huawei was already banned from the National Broadband Network (NBN) infrastructure project back in 2012. Since then, Huawei has nevertheless emerged as a large player in the Australian smartphone and IT market. Its smartphones are not as contentious in Australia as in the U.S. The company is the third-biggest supplier to Australians, with significant brand recognition.
Earlier in 2018, the Australian government stepped in to take over the building of a high-speed internet cable between the Australian mainland and the Solomon Islands citing the usual undisclosed “security concerns.” Australian taxpayers got stuck with a AU$50 million bill (~$36.6 million), and Chinese news services called Australia “oversensitive to China’s growing presence.”
China is an enormous trading partner and influence in the Australasian region, and Australia’s economy relies heavily on China, allowing it to exert huge pressure on Australia’s government. This means any ban on Huawei is a political decision with a huge potential economic backlash.
Huawei’s security risks have never been made clear by national security agencies or the government.
U.K.’s “The Cell”
After BT (formerly British Telecom) raised concerns about “chattering” Huawei hardware all the way back in 2005, the U.K. and Huawei created a Cyber Security Evaluation Centre known as “The Cell” so British cybersecurity experts could scour Huawei hardware and code for security risks. The project highlighted more than 100 security concerns in 2016 alone. Despite opening up its code for analysis with oversight from the likes of GCHQ, the Cabinet Office, and Home Office, The Cell remains suspect to many because its staff are employed by Huawei, not the British government.
According to reports, back in the early days, U.K. security chiefs were forced to fly to Huawei HQ in Shenzen to inform the company of issues with its equipment and demand replacements. With Britain part of the Five Eyes security pact, partners like the U.S., Canada, Australia and New Zealand allegedly hardened their approach to their own critical infrastructure and assets. Once again various governments take issue, but industry partners seem perfectly happy.
Back to the U.S.
The scuppered deal between AT&T and Huawei to sell the Huawei Mate 10 Pro brought to light security warnings from U.S. Senators and House representatives. As noted previously, issues regarding Chinese government influence and the potential for espionage were brought forward by both the Senate and House Intelligence Committees, which jointly wrote a classified letter to the FCC raising security concerns. Per The Information, the letter reportedly stated this:
Additional work by the Intelligence Committees on this topic only reinforces concerns regarding Huawei and Chinese espionage.
Under the Obama administration, a U.S. cyber-espionage law limited the importation and use of Chinese-made information technology products, specifically targeting Huawei and ZTE telecommunication tech for carriers.
A declassified report titled “Investigative Report on the U.S. National Security Issues Posed by Chinese Telecommunications Companies Huawei and ZTE” from 2012 elaborates, but it doesn’t provide hard evidence or conclusive answers. More than anything, it noted insufficient evidence provided by the companies, risks to critical assets, and alleged intellectual property theft.
The Pentagon recently ordered retail stores on U.S. military bases to stop selling Huawei and ZTE phones, citing the devices as a “security risk.”
However, for all this concern, no evidence has ever materialized publicly beyond very general, very vague “security risks.” It’s not like the White House and U.S. politics are especially secure — just look at the plethora of public details available around the specifics of Russia’s election meddling in 2016.
Other murky revelations
Two other reports are worthy of attention. The first is a piece published in the Australian Financial Review by Louis Tague, managing director at enterprise cybersecurity firm FireEye in Australia. Tague asserts state-controlled Chinese hackers have increasingly “targeted U.S. companies” to obtain information related to mergers and acquisitions, as well as “U.S. engineering and defense companies” linked to the disputed South China Sea region, and Australian law firms, with indications of many more unrecorded attacks.
Would China allow an American telco to work in the country?
An opinion piece on China and Huawei’s influence submitted to the AFR by Richard McGregor, a senior fellow for East Asia at the Lowy Institute, included this nugget:
Would China allow an American telco to provide key technology for its networks? One Chinese executive I put this question to last week snapped back, without irony: “Of course not!”
Huawei: Firmly protesting innocence
None of this is lost on Huawei. If anything, the company has ramped up its push to be allowed to participate in 5G in Australia. It’s recruited respected members of the cybersecurity industry to help its cause, too.
Huawei’s John Suffolk, senior vice-president of global cybersecurity and privacy, is notable for his previous role as the U.K.’s chief information officer. Suffolk was closely involved in setting up The Cell in Britain before joining Huawei HQ. Perhaps predictably, he says good things about Huawei:
“Huawei is probably the most audited, inspected, reviewed, poked and prodded company in the world — we see that as a good thing,” said Suffolk at Huawei HQ in Shenzen in comments reported by the Australian Broadcasting Commission.
He also indicated support for Australia setting up its own version of The Cell.
“I think Australia could create a centre [sic] that not just covers this risk but becomes a cybersecurity centre of excellence for all of Asia, and we’d be very happy and delighted to work with Australia on that model,” said Suffolk.
The problem can be fixed, but at a cost
The cold war on China is probably only just beginning with President Trump at the wheel. China’s fierce protection of its sovereignty keeps companies like Facebook out of the country, much to the chagrin of Trump (and Facebook’s shareholders). Therefore, China can hardly be surprised when other countries protect themselves, given the strong evidence of IP theft and state-sponsored hacking. The missteps by ZTE reflect terribly on other Chinese businesses, no matter how separate they may be.
Huawei’s exact problems still aren’t known yet. This is part of a larger bogeyman narrative, even if there actually is a monster under the bed. The Five Eyes countries could provide clear evidence of security risks at some point. It’s also possible doing so would reveal too much classified information. We may never know the truth behind the claims.
So for now, you either trust Huawei or you trust the various national security agencies. However, that rock in the shoe — “if Huawei is such a threat to national security, why isn’t more being done?” — remains a confounding question.