US decision to not only ban Huawei domestically, but to also promote this stance around the world is clearly politically motivated. Proof of the cybersecurity risks have not been released because any potential risk is not at all associated with what is being portrayed.
The United Kingdom and German governments have already broken ranks on this stance. Intelligence representatives and politicians have also weighed in with their comments for or against the ban. Bringing together what we know begins to paint a pretty clear picture.
Any contention with Huawei centers on the 5G network roll outs being prepared around the world. The accusation insinuates that the utilization of Huawei equipment in these networks gives Huawei access to secure data.
When reviewing risks with telecom equipment providers, there is really only one red flag and if you are unfamiliar with the industry, it may potentially come as a surprise.
Cisco Systems’ History of Security Flaws
If it is a surprise though, it really should not be. US Intelligence agencies have consistently shown their true colors when it comes to ensuring their spying capabilities and insistence on backdoors around the world, for example in the dispute between Apple and the CIA in regards to encryption.
Cisco patched a total of 7 backdoor vulnerabilities in their equipment over the course of 2018.
- CVE-2018-15439 – Cisco Small Business Switches Privileged Access Vulnerability
- CVE-2018-15427 – Vulnerability in Cisco Video Surveillance Manager
- CVE-2018-0375 – Cisco Policy Suite Cluster Manager Default Password Vulnerability
- CVE-2018-0329 – Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability
- CVE-2018-0150 – Cisco IOS XE Software Static Credential Vulnerability
- CVE-2018-0150 – Cisco IOS XE Software Static Credential Vulnerability
- CVE-2018-0141 – Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability
Of these 7 vulnerabilities, 5 were discovered by Cisco themselves which could be construed as a positive note for the company. However, these discoveries are a result of an internal audit that began in 2015 because so many security issues were being discovered in Cisco equipment, such as with CVE-2014-0659 which was discovered in January 2014.
Cisco keeps their policy at trust.cisco.com in which they maintain a “no backdoor” policy which prohibits the practice of designing their equipment and software with intentional security flaws, such as backdoors. Regardless, of every major telecoms manufacturer, Cisco stands center stage when it comes to having been repeatedly caught with these types of cybersecurity risks.
Even with this history of security risks, there is no international condemnation of Cisco equipment nor any type of condemnation from the US government itself. Trust that Cisco will self-govern and control these risks, however ill-advised, comes from the fact that Cisco is a business first. Any inclination it may have towards participating as a spying apparatus for any government falls flat when considering the financial aspect.
Those On Board With Huawei Ban
Claiming any cybersecurity risk with Huawei equipment would seemingly rely on a historical precedence or at the very least, a semblance of proof. Many claims exist that the absence of this proof in the public domain are due to matters of national security.
Reviewing the possibility of this as the reason for the absence of proof is easily dismissed. Even if the public should not be aware of this, surely US allies would be presented with all the factual evidence.
Australia, New Zealand, and Japan are effectively the three nations, besides the US itself, with bans on Huawei equipment for 5G roll out thus far.
Australia’s August 2018 ban came in the wake of US’ warnings of the security risks. The ban in Australia is not limited to Huawei as it also includes ZTE which is the second largest telecoms equipment manufacturer in China. Several things have happened as a result of the Australian ban.
To dissuade security concerns, Huawei has offered the Australian government access to their source code. Ironically, this is the type of action that detractors accuse the Chinese government of enforcing. Other repercussions include TPG Telecom halting all further work in developing their telecommunications network.
Australia’s ban centers on the idea that 5G technology differs from previous technologies. General Mike Burgess, director of the Australian Signals Directorate (ASD) has stated that, “The distinction between core and edge collapses in 5G networks. That means that a potential threat anywhere in the network will be a threat to the whole network.”
Following suit with the Huawei ban was New Zealand in October 2018. Similar to Australia, New Zealand’s ban stems from the security concerns of which are not clarified. New Zealand’s Government Communications Security Bureau (GCSB) director-general, Andrew Hampton, has stated that “a significant network security risk was identified”, triggering the ban.
In December 2018, Japan was the last to officially ban on Huawei and ZTE equipment. Policy was set forth to bar public procurement of equipment from either manufacturer. Although the ban does not explicitly name either Huawei or ZTE, Chief Cabinet Yoshida Suga has said, “It is extremely crucial not to procure equipment that embeds malicious functions including information theft and destruction”.
Major Detractors From Ban
Several countries are currently moving forward with the possibility of a Huawei roll out of 5G networks.
Thailand launched a Huawei 5G testbed in the wake of US warnings to the international community.
Most notable countries moving forward with allowing Huawei equipment are Britain, Germany, India, and the United Arab Emirates.
Although Britain has stated worries over the possibility of the security risks, Ciaran Martin, the leader of Britain’s National Cyber Security Center has stated that it is something entirely manageable. Martin has said, “Our regime is arguably the toughest and most rigorous oversight regime in the world for Huawei, is not in any sensitive networks, including those of the government.”.
Britain’s stance on the Huawei ban may be the most important of all due to their membership in Five-Eyes (FVEY). Other members of the intelligence alliance have been toeing the line, as is apparent with the US, Australia, and New Zealand already implementing bans.
Canada, the final member of FVEY has not officially placed a ban on Huawei equipment, but are definitely broaching the subject.
With the United Kingdom detracting from the stance of other FVEY members, this completely undermines the US’ aggressive stance on the issue.
Germany, in following suit with allowing Huawei equipment begins to highlight the issue as mostly fear mongering. Outside of a governmental proclamation, even the CEO of Cisco has said the fears are overblown.
As telecommunications technology moves forward, the next biggest deployment will be 5G equipment, of which Huawei is best positioned to provide. Several reports have come out from indicating the costly effect of banning Huawei equipment.
The GSM Association (GSMA) is the organization which represents the GSM protocol in telecommunications network and has membership from approximately 800 mobile operators. Currently being discussed by the GSMA is whether they should support a Huawei ban and that if such a ban is implemented, it could set back 5G roll out for a few years.
Besides TPG halting development in Australia, Telus of Canada has warned of the detrimental costs a ban would incur. Vodafone has similarly stated a ban in the United Kingdom could cost millions of pounds.
Delaying the roll out using Huawei equipment could arguably be justified if there were proven instances of cybersecurity risks. Implementing these bans on the potential risks because of a loud bully are an entirely different picture.
Those who argue that this proof is being withheld from public view due to national security implications potentially have access to information we do not. Assuming there is proof coming from the US and its allies of the apparent security risks from utilizing Huawei equipment, we could also assume that information is being shared to its allies.
However, as allies like Britain and Germany dismiss the seriousness of these security risks, we begin to wonder what proof, if any, is available.
Intelligence sharing between the United States and the United Kingdom is all but guaranteed. If this proof existed, the UK moving forward with the allowance of Huawei equipment would be tantamount to betrayal and even treason.
With Germany’s decision to allow Huawei equipment, we also saw the desperation of the US in threatening to reduce intelligence sharing with their ally.
Extreme Scrutiny of Huawei
Huawei in the end is a corporation aimed at profits. Much like its major US competitor, Cisco, trust in their equipment is of the absolute importance. Unlike Cisco, Huawei is on the receiving end of much more scrutiny from the largest intelligence agencies around the world.
If the security risk of the equipment is as blatant and egregious as the US is insinuating around the world, that proof would have been long discovered. The fact that there is no concrete proof is not because it is a national security secret, it is because the proof does not exist.
From providing its source code to Australia to having its source code allegedly hacked by US intelligence, surely there is a reason the US is trumpeting this narrative.
Bullying by the US of nations around the world to submit to their crusade or face consequences potentially boils down to the fact that Huawei would be unlikely to submit to spying requests from US intelligence agencies.
Der Spiegel reported in 2013 on leaked documents highlighting the NSA’s arsenal when it comes to infiltrating the security of nearly all telecommunications equipment, including equipment from Huawei and Cisco. Even if we take the accusations from the US on the security risks at face value, their spy agencies have proved that regardless of the equipment, backdoors and cooperation from manufacturers is not a requirement.
The leaked document of the NSA’s toolbox was dated from 2008, which potentially provides some insight as to the US’ current motivations. It is possible that since these documents were leaked, Huawei has reviewed their software and diminished the US’ spying ability.
If Huawei takes the stage in the 5G roll out around the world and they have actually improved security in their equipment, this would could certainly explain why the US government has been so zealous in its endeavor.
As allies, corporations, and professionals undermine the US’ position, it is time to take a step back and look at the reality of the situation. Huawei has a strong history when it comes to the security in their software and telecommunications equipment.
As countries move forward with allowing Huawei to be involved in their 5G rollouts, they will have these networks built faster and cheaper than those nations who do decide on a ban. The US, in pushing this position around the world risks putting itself and its allies technology years behind with their 5G technology. Until the security risks are proven otherwise, this decision can only be detrimental to those countries who decide on a ban.