The United Kingdom and Huawei
Last October, I noted the publication of a House Intelligence Committee report on the possibility of hardware intrusions arising from the use of products manufactured by Huawei and/or ZTE (two Chinese telecom companies). I've also had a bit of fun gently mocking China's pro forma denials of any hacking efforts.
Now comes news that Her Majesty's Government is also officially concerned about the use of Chinese hardware in its governmental systems. The report from
Published by The Lawfare Institute
in Cooperation With
Last October, I noted the publication of a House Intelligence Committee report on the possibility of hardware intrusions arising from the use of products manufactured by Huawei and/or ZTE (two Chinese telecom companies). I've also had a bit of fun gently mocking China's pro forma denials of any hacking efforts.
Now comes news that Her Majesty's Government is also officially concerned about the use of Chinese hardware in its governmental systems. The report from the Intelligence and Security Committee is entitled "Foreign Involvement in the Critical National Infrastructure." The report, a concise 29-pages (if only US government reports were that brief!) details Huawei's participation in critical telecommunications as a partner of BT (formerly British Telecom). Here's a small sample (GCHQ is the British equivalent of the NSA):
The BT/Huawei relationship began nearly ten years ago; the process for considering national security issues at that time was insufficiently robust. The Committee was shocked that officials chose not to inform, let alone consult, Ministers on such an issue. We are not convinced that there has been any improvement since then in terms of an effective procedure for considering foreign investment in the Critical National Infrastructure (CNI). The difficulty of balancing economic competitiveness and national security seems to have resulted in stalemate. Given what is at stake, that is unacceptable. *** While we note GCHQ’s confidence in BT’s management of its network, the software that is embedded in telecommunications equipment consists of “over a million lines of code” and GCHQ has been clear from the outset that “it is just impossible to go through that much code and be absolutely confident you have found everything”. There will therefore always be a risk in any telecommunications system, worldwide. What is important is how it is managed, or contained.While the Government objected to some of the conclusions of the ISC (which is a Parliamentary committee) its response accepted many of the ISC's recommendations for changed practices. The National Security Adviser, Kim Darroch, has been asked by Prime Minister Cameron to thoroughly review the existing arrangements with Huawei. Huawei says it welcomes the review.
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.