It’s almost as if the world’s biggest surveillance superpowers don’t want Huawei cell tower and networking router equipment inside critical networks in their countries, amid concerns of the company’s links to the Chinese military.
Huawei, they say, could be spying for the Chinese — and that presents a national security risk.
But there’s a problem. Years of congressional hearings and “inconclusive” hardware inspections have presented a mixed picture on the threat that Huawei may, or may not pose. Despite the fact that the company’s founder and president is a former officer in China’s People’s Liberation Army and the company remains heavily funded by the Chinese government, there’s also no public, direct evidence that Huawei is using its equipment to spy on network traffic inside the U.S. or any other country. In any case, Huawei can’t prove a negative, so all it can do is allow governments to assess its devices — which has so far found some issues but nothing conclusive to tie it to Chinese espionage actors.
That’s the crux of the argument: nobody thinks Huawei is spying now. To get caught would be too dangerous. But nobody knows that it won’t spy in the future.
The worst case nightmare scenario is that telcos will snap up Huawei’s technology and install its equipment in every nook, cranny and corner of their networks. Why wouldn’t they? The technology is cheap, said to be reliable, and is necessary for the impending 5G expansion. Then years later China exploits a hidden vulnerability that either lets its hackers steal economic secrets from businesses.
At that point, it would be too late. The network operators can’t just rip out their routers and switches. The damage is done.
Telcos need Huawei as much as Huawei needs them. But the North American and European telcos are finding it increasingly difficult to navigate pressures from their governments, which treat them as critical national infrastructure and a constant national security concern.
The reality is that China is no more a national security threat than the U.S. is to China, which has its own burgeoning networking equipment business. Just as much as the U.S. and Canada might not want to use Huawei or ZTE equipment in their networks for fear of a surprise cyberattack ten years down the line, why should China, Russia, or any other “frenemy” state choose HPE or Cisco technologies?
Companies have an option: Is the enemy you know better than the one you don’t?
The U.S. government has persisted across administrations with its fiery rhetoric over Huawei’s links to the Chinese government, since a House Intelligence Committee report in 2012 pushed for a domestic ban on equipment built by Huawei and ZTE, another Chinese electronics maker, and even warning against using their consumer phones. Noticeably absent from the House’s report was any specific proof of Chinese spying.
Core to the panel’s claim that “a router that turns on in the middle of the night, starts sending back large data packs, and it happens to be sent back to China,” said former congressman Mike Rogers (R-MI). Huawei, which has always denied the claims, has long called for evidence. Only this week, the U.S. said it doesn’t need to show proof, citing the company’s ability to be “leveraged by the Chinese government.”
The report contained claims of bribery and corruption, copyright infringement and more, but there was no smoking gun that proved that the company was spying — only that it could at the request of Beijing.
China’s authoritarian rule notwithstanding, the country says that it doesn’t have a single law that can compel a company to spy on its behalf or put backdoors in its products. Westerners are rightfully skeptical: in China, the government doesn’t need a law to say it can or can’t do something.
Yet ironically, it’s the U.S. and the U.K. — and more recently Australia — that have laws in place that can in fact compel a company to turn over data, or force a company to install backdoors. After the Edward Snowden disclosures that revealed the scope of U.S. surveillance, China retaliated by dropping U.S. technology from its networks and systems. That was no bother for China; it has its own booming tech industry, and just started using its own homegrown equipment instead.
Other countries aren’t so lucky, and more often than not are stuck between buying their tech from the two spying giants.
Western nations would rather trust U.S. technology with its powerful surveillance laws, while the rest of the world either trusts Chinese technology or simply doesn’t care.
Any technology can be a national security risk. It’s less selecting the right gear, and more picking your poison.
This post was originally posted at http://feedproxy.google.com/~r/Techcrunch/~3/bEYmD4S5Tn4/.