What Is the Government Afraid Of?
11.17.2011 by Andrew M. Seybold
Besides, the Chinese military does not need any help from the likes of Huawei to monitor, access, or break into any of our networks. It and many other countries have scores of talented Internet hackers who do nothing but attempt to access various commercial and government sites all of the time, and with considerable success.
After being pressured by the U.S. Government over the past year or so, Sprint refused to let Huawei bid on some of the infrastructure for its wireless network. Then in October of this year, the U.S. Department of Commerce decided that Huawei was not eligible to be involved in the 700-MHz LTE public safety nationwide broadband network stating that this was a national security decision about a public safety network.
The issue in both cases and in others is that the U.S. Government is concerned about alleged ties that Huawei has with the Chinese military. The thought behind this activity is that Huawei might include an easy to access hole in its systems so the Chinese could sneak in and snoop on those using these networks or gather data for use against the United States. From my perspective, this is simply paranoia on the part of some within the Federal Government.
I guess this also must apply to ZTE but why doesn’t it apply to all of the manufacturers and vendors whose products are built in Chinese plants and then shipped into the United States? How do we know that the factories that build this equipment and the mobile devices are not running over with Chinese military types who are busy embedding harmful software code into these devices that they can activate and use for snooping or to bring a network down? Paranoia is rampant in Washington, DC, that is for sure.
To those of you who say we should buy American, I agree. However, most of the leading suppliers of wireless infrastructure are NOT American companies. Alcatel-Lucent used to be American, now it is a French company, Ericsson is a Swedish company, and Nokia-Siemens is a Finnish company, so buying American is not an option. All of these companies have plants in China or contract with plants in China to build much of their equipment. Further, a large number of the wireless devices on our networks are also built in China and I fail to see the rationale in preventing Huawei from taking part in either our commercial or public safety wireless networks.
Besides, the Chinese military does not need any help from the likes of Huawei to monitor, access, or break into any of our networks. It and many other countries have scores of talented Internet hackers who do nothing but attempt to access various commercial and government sites all of the time, and with considerable success. I might add that I am sure we have a like number of very smart hackers working in various departments within the Federal Government doing the same thing to them.
Competition is a good thing and Huawei has been successful in many other parts of the world. From what I have seen, its backend and infrastructure equipment is well designed and well made (NO, I am not a consultant to either Huawei or ZTE nor have I ever been). I look at what is happening and cringe when people with the power make decisions based on paranoia rather than rational investigation. In fact, Huawei has on several occasions offered to have its company investigated but so far the United States has not taken up the offer.
So not only do we lose at least one if not two viable competitors in the U.S. market, we also lose jobs when we can least afford to. Huawei has a large presence in the United States which will, I believe, now be cut, leaving some very talented U.S. citizens out of work at a time when every job we can create is vital to us moving forward.
If someone wanted to embed something into one of our wireless networks or create a back door for illegal entry it could be easily done. Suppose you wanted to accomplish this. All it would take is to pay off a single engineer or software developer who is working for one of the “approved” companies and have him or her do what was needed to open up a network for intrusion. BUT, and this is a big but, those who work on these networks work hard to make sure they are not vulnerable. When they do find a vulnerable spot they fix it posthaste. Think about all of the software that has been delivered with bugs and other issues hackers have exploited. Many of the operating system companies have released patch after patch to plug these holes, and IT professionals and others are playing a cat and mouse game daily with hackers all around the world. We put up the best firewalls and software to prevent intrusion, the hackers find a way around it, we fix that, and then they find another point of access. As long as all of these networks are attached to the Internet they are vulnerable, plain and simple.
One of the issues we have is that many internal networks have far too many connections to the Internet. The smart organizations and companies have very few and these internal networks can be disconnected from the Internet easily and quickly if there is an attack. Unfortunately, this is not true for many companies and even Federal, state, and local agencies. Many of these organizations may not even know how many they have across their company or organization, especially if they have many different locations around the country or even around the world.
What about the devices on these networks? What about the lack of security built into Android devices and the amount of malware showing up in Android applications because they are not tested or vetted before they are released? A single device or multiple devices on the network can do a lot of damage or gather a lot of information if it has been prepared to do so. What makes the Federal Government believe, for a minute, that banning one or two qualified vendors from providing equipment in the United States will ensure our network safety? Networks are interconnected too, so if a network in Canada or Mexico uses Huawei infrastructure and it is connected to a network in the United States, isn’t that just as dangerous to us?
So I don’t get it. Why are some within the U.S. Government so paranoid that they are building a case for both Huawei and ZTE being excluded from providing infrastructure within the United States? There is an offer on the table from Huawei for a full investigation of the company that the United States has not acted upon, and I have not seen our Government investigating any of the other companies with products being built and even designed in China. I guess free trade only means free trade when we agree to it, otherwise we have the ability and the authority to keep a company out of the United States based on some “fears” that they have secret ties to the Chinese Army. There are many companies that are partially funded by the Chinese Government, and as I mentioned before, much of the equipment that is sold and installed in the United States from the other “permitted” companies is made in China.
When asked about their fears, those at the Commerce Department said that information is classified. Do they mean classified or do they mean that someone within the Commerce Department is paranoid and was able to convince others that they should be as well? I have to wonder how this will all end up and how many other companies that provide jobs within the United States will be banned from doing business here because they might have ties to the Chinese Government.
Andrew Seybold
Andy, I agree with all you say. I note that there has been a similar controversy in India which has a land border, fought a losing war in 1965 and has still unresolved border disputes with China. Of course if effective this argument benefits Ericsson and Alcatel-Lucent and others such as Samsung.In the U.S. we are going through a period of disturbing xenophobia and mental isolationism encouraged by hypocritical politicians seeking election/reelection, so China is an obvious target given its growing economic might, allegations of its unfair currency manipulation and the outsourcing of U.S. jobs. There are serious reasons to criticize and be concerned about the directions China may take but at the same time the greatest threats to our economy and security are at least as much domestically-based as imported from overseas. I remember the xenophobic reactions in some quarters to Deutsche Telekom’s takeover of what became T-Mobile USA. Ironically AT&T now claims it is being patriotic in trying to acquire T-Mobile, proposing to send $25 billion to Germany rather than invest that amount in U.S. networks which it also says are in desperate need of expansion and upgrade. I note finally that Apple is a U.S. icon, but to one of your points its products are manufactured in China
The Government is afraid that Huawei will do exactly what the NSA reportedly did to Crypto Ag years ago, install a backdoor into Crypto AG’s trusted encryption product to spy on targeted countries, entities and commercial firms.
Whether the Crypto AG scandal is true or not (there is debate), the lesson is clear. The encryption should be end to end, meaning that the network is simply the “post office” delivering an encrypted message. In this way China and by association, Huawei is not a threat. True an adversary could demolish the system through unauthorized administrative access. However their is not a public safety network existing in the US (and likely anywhere) that is not vulnerable to jamming or a denial of service attack. Regardless of who designs the system, software for critical systems such as this should be scrutinized by software security engineers and “black hat hackers” to determine vulnerabilities before wide scale deployment.
Still it would be a great thing for these systems to be designed by US engineers, and built in US factories. Maybe that should be the end game in this process.
Hi Andy!
One word sums it up: POLITICS