Britain underestimates the Huawei threat

The British government recently announced it would allow the Chinese telecom equipment manufacturer, Huawei, to play a role in the buildout of Britain’s 5G wireless network. It’s a controversial move that flies in the face of very vocal concerns from the U.S. government, so this staunch disagreement between allies begs the question: “Is there really a threat here?”

Short answer: Absolutely, utterly, undoubtedly.

The first thing to consider is whether or not Huawei has meaningful ties to the Communist Party or China’s military and intelligence complex — and the answer is a resounding, “yes.”

The CIA, NSA, FBI and DIA have all testified before the Senate Intelligence Committee about the risks associated with Huawei — and other companies and entities “beholden to foreign governments” — potentially gaining positions of power in critical infrastructure. These warnings are even more dire when they deal with the telecommunications networks that serve as the control plane for almost all other critical infrastructure.

In fact, four of the “five eyes” (Australia, Canada, New Zealand, and the U.S.) have declared the use of Huawei telecommunications equipment — particularly in 5G networks — poses “significant security risks.”

China’s 2017 National Intelligence Law states: “All organizations and citizens shall, in accordance with the law, support, cooperate with, and collaborate in national intelligence work, and guard the secrecy of national intelligence work they are aware of.”

Much of the counterarguments presented by Huawei executives takes the angle that foreign governments with Huawei’s technology could choose not to comply with the “intelligence work.”

That claim is tenuous, at best. 

Would China extend its strategic intelligence, military, and information operations overseas to other countries using its technologies? Absolutely, and there’s plenty of evidence that it’s doing so already.

The “no strings attached” infrastructure deals China has made in African markets serve as a template for a Chinese military and intelligence strategy that is difficult for the average Westerner to comprehend. China is effectively using bribes, opaque agreements, and the strategic use of debt to hold states in Africa captive to Beijing’s wishes and demands. For example, because Zambia carries up to $10 Billion of debt to China, the Chinese are “now poised to take over Zambia’s national power and utility company in order to collect on Zambia’s financial obligations.” With growing control of overseas utilities comes growing control of the internet outside of China’s own borders.

This could unfold in a variety of ways, perhaps most chillingly with China cementing the control it has established on Africa’s media markets. Huawei Technologies (whose largest shareholder is a Chinese state-owned firm) and ZTE (another Chinese manufacturer) have established over 40 third-generation telecom networks in more than 30 African countries. As noted in Foreign Policy, “Some observers have argued that the Chinese government uses its media subsidiaries in Africa much as the Russian government uses RT in Europe; finding the cracks in Western media and filling them with alternative narratives deemed favorable to Chinese interests.”

It’s easy to dismiss these strongarm tactics as an unlikely risk for Britain, but that doesn’t put the UK in the clear. What are the more likely risks? As the developer of technologies that utilize very small pieces of information to extrapolate much larger insights for identifying hackers, I can tell you that very large intelligence advantages can be gained from very small pieces of communications data.

Spokespeople for Huawei have stated their products do not contain government-mandated backdoors. If your interpretation of “backdoor” is something like malware — a stand-alone application designed for remote access and control — the statement is probably true. Such backdoors are many times discovered by professional or hobbyist reverse engineers. However, if your interpretation of “backdoor” is something like “an undisclosed low-level firmware, software, or hardware ‘bug’ that can later be exploited to gain access or change configurations,” then the risk here is extraordinarily high.

It’s extremely important to recognize that the Chinese People’s Liberation Army has openly stated technology is the battlefield it can use to wage a successful war against currently existing superpowers.

My organization has examined breaches in cases involving “border router compromises,” which are not well publicized or broadly understood threats, but are a terrifying and extremely analogous example to how a nation-state in conflict could take advantage of the networking infrastructure at the heart of the Huawei controversy. In such cases the network infrastructure itself is hijacked by an adversary — infrastructure that is both remotely accessible by attackers, while being extremely difficult for defenders to monitor and audit. In these cases, certain types of traffic can be reconfigured to be rerouted through an attacker-controlled point, where all activity is then passively and silently logged by the aggressors. Even more surreptitious, and plausibly more of a risk in this case, is simply the targeted collection of flow metrics for “interesting” targets.

In the cybersecurity industry, we utilize such techniques to identify when devices begin engaging in “interesting” behaviors in the information security context. However, those same techniques could certainly be adopted to identify individuals and organizations with opposing interests to those performing clandestine monitoring. And it takes a stunningly small amount of information to make inferences.

Some companies in the security space have shown limited success detecting threats looking at nothing but flow data (basically a list of IP addresses interacting with each other and simple metrics for the protocols used to communicate).

With access to the “payload” of the communication, it becomes easy to identify things like the type of software being used and how it’s being used, even in encrypted communications. But what’s even scarier is the stunning number of personal details that are frequently and unknowingly leaked in normal web and email communication and can be captured with payload analysis.

To ask again, “Is there really a threat with Huawei helping to build the UK’s 5G network?”

The answer is a resounding: Yes.

Gary Golomb is co-founder and chief scientist at Awake Security (@AwakeSecurity). Throughout his career, he has led investigations and containment efforts into notable cyberattacks involving presidential campaigns, espionage, organized crime, state-sponsored actors and hactivists.