0 7 mins 5 yrs

Philip Ingram MBE a former Senior British Intelligence officer looks at some of the issues around popular Chinese phone and telecoms device manufacturers for IKON London Magazine.

Techadvisor.co.uk said “You can’t ignore Huawei any more. With increasingly premium smartphones on the market,” the Chinese company is challenging Samsung, LG, Sony and Apple who according to analysis by consulting firm Counterpoint Research, it outsells globally.

Given this great accolade then why are the US Government putting certain Chinese companies under increasing scrutiny and even more. In February, FBI Director Chris Wray told the Senate Intelligence Committee that the FBI was “deeply concerned” about the risks posed by the Chinese phone and telecommunications equipment providers Huawei and ZTE. Both Huawei and ZTE have repeatedly insisted that their consumer devices don’t pose a security threat to the US or anywhere else across the globe.

The Australian Government has decided, reportedly on national security grounds, to exclude Huawei from involvement in their National Broadband Network and in a report to the UK parliamentary Intelligence and Security Committee, the Security Service (MI5) said in 2008 that, theoretically, the Chinese State may be able to exploit any vulnerabilities in Huawei’s equipment in order to gain some access to the BT network, which would provide them with an attractive espionage opportunity.

Looking at the UK market, Huawei makes everything from the routers and switches that steer traffic across the internet, to BT’s green street cabinets, to the transmission equipment used in mobile phone masts. If you send an email from your home computer or make a mobile phone call, wherever you are in the UK, the chances are your private communications and data will be carried over Huawei equipment.
Papers leaked from America’s National Security Agency by Edward Snowden through Wikileaks, revealed that it had hacked into Huawei’s headquarters, obtaining technical information and monitored the communications of its top executives. One of the reported aims was to try and uncover vulnerabilities or back doors in the products to use them for US surveillance operations.

This could be why the US director of national intelligence and heads of CIA, FBI, NSA gave public warnings, but it is likely they know more about Huawei than they would be willing to say publicly. There is a distinct possibility that they found vulnerabilities not just in the software run on the phones, but the firmware (the code that makes components talk to each other) and even in some cases the hardware, the components themselves.
The Chinese Government Strategic Support Force (SSF) is the military organisation tasked with gaining a strategic advantage in the information and cyber domain via its Network Systems Department. Given Chinese government control over most of its industry and that has been clear reporting for many years that the Chinese government forces its domestic electronic equipment providers to hand over their source code, this will be used by the SSF to exploit vulnerabilities in devices globally.
The whole issue is that this is an intelligence game where data is key, so it can be analysed, cross referenced, processed, assessed and turned into intelligence. Unlike the Russians whose targeting priorities are to gain business advantage and steal military secrets the Chinese focus is primarily on intellectual property.

What seems on the surface to be a paranoid approach to the use of certain Chinese manufactured equipment, is based on the possibility that all of the activities transmitted through that equipment could be monitored by the SSF and when they are connected into other networks, used to try and hack those networks. That possibility has been articulated by individuals who are likely to have information regarding the actual vulnerabilities that exist.

Very recently the huge Chinese CCTV manufacturers HIKVISION and Dahua have also been made subject of various restrictions. It has to be emphasised that Huawei deny any Chinese state control or vulnerabilities and set up an organisation staffed by UK security cleared personnel to test the equipment they attach into the critical national infrastructure (CNI) and that organisation is called “The Cell.”

If governments are restricting the use of equipment from certain manufacturers how certain are you that you can trust them with processing your personal data and handling your personal communications? One thing to remember about anything you process electronically on a device that is connected to any network, WIFI, mobile provider, is that that data may not be as safe and personal as you think. It is your choice as to what tech you buy but whatever your choice is, think security, think risk, think compromise and if necessary seek advice.

Don’t use Huawei phones, say heads of FBI, CIA, and NSA https://www.theverge.com/2018/2/14/17011246/huawei-phones-safe-us-intelligence-chief-fears

Huawei Chief Financial Officer (CFO), Meng Wanzhou, who was arrested in Canada has been accused of fraud with a maximum penalty of 30 years in prison.

Meng, who is the daughter of Huawei founder Ren Zhengfei allegedly allowed the company’s subsidiary SkyCom to do business in Iran, thereby violating US sanctions against the country.

The US government has long viewed the company and its close ties to the Chinese government as a threat to national security.
Huawei reportedly also received several warnings over violating Iranian sanctions. Meng may be extradited to the US, subject to approval from the Canadian court. Meanwhile, Huawei claims that it is not aware of any wrongdoing by her. The Chinese Ministry of Foreign affairs has firmly requested Meng’s release.