By F. Michael Maloof
WASHINGTON – The U.S. House Intelligence Committee will investigate two major Chinese telecommunications equipment companies – Huawei Technologies Co. Ltd and ZTE Corp. – to determine their links to the communist government and whether their products, embedded in critical U.S. infrastructure, threaten U.S. national security.
The committee fears that the equipment the companies sell on the U.S. market could enable the Chinese government to conduct espionage and even sabotage of the nation’s infrastructure through an “electronic backdoor,” a prospect WND recently exposed in a series of articles.
“The fact that our critical infrastructure could be used against us is of serious concern,” said Rep. Mike Rogers, chairman of the House Intelligence Committee.
Because of this concern, the U.S. Commerce Department late last year barred Huawei from participating in a project to build a national wireless network, a specialty of the company. While the Commerce Department has declined official comment on the basis for the decision, citing national security reasons, sources tell WND that the concern is the company’s connection to the Chinese People’s Liberation Army.
There also are allegations surfacing that Huawei may have attempted to bribe a U.S. government official, prompting an investigation by the Federal Bureau of Investigation, sources tell WND.
A report put out last March by the congressional U.S.-China Economic and Security Review Commission also had warned that Huawei and ZTE were examples of high technology companies the Chinese government could use to enter remotely into telecommunications systems and computers linked to them to gain undetected access to sensitive data.
It warned that the Chinese military, through its large Chinese telecommunications firms, has created an avenue for state-sponsored and state-directed penetrations of supply chains for electronics supporting U.S. military, government and civilian industry.
“Successful penetration of a supply chain such as that for the telecommunications industry has the potential to cause the catastrophic failure of systems and networks supporting critical infrastructure for national security or public safety,” the report said.
“Potential effects include providing an adversary with capabilities to gain covert access and monitoring of sensitive systems, to degrade a system’s mission effectiveness, or to insert false information or instructions that could cause premature failure or complete remote control or destruction of the targeted system.”
The report pointed out that Chinese capabilities in computer network operations have advanced sufficiently to pose a genuine risk to U.S. military operations in the event of a conflict.
“PLA analysts consistently identify logistics and C4ISR infrastructure as U.S. strategic centers of gravity suggesting that PLA commanders will almost certainly attempt to target these systems with both electronic countermeasure weapons and network attack and exploitation tools, likely in advance of actual combat to delay U.S. entry or degrade capabilities in a conflict.”
That report, titled “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage,” said that many of the findings actually came from Chinese source materials, including authoritative PLA publications.
Meantime, a spokesman for Huawei has denied to WND that the company has such a capability.
In an email to WND, Bill Plummer, vice president for External Affairs at Huawei Technologies, denied that a presentation made last February by Huawei at the Dubai Intelligence Supportive Systems World Middle East and African Law Enforcement, Intelligence and Homeland Security conference was actually an ability to intercept and extract data, allowing the company to steal sensitive information or even alter the function of computer systems where the company’s products are embedded, as some specialists who saw the briefing stated to WND.
The briefing centered on Huawei’s capabilities using a particular technology called Deep Packet Inspection, or DPI.
DPI is the key technology in high-capacity data interception and mining, according to a WND source who viewed Huawei’s PowerPoint presentation.
While Huawei’s presentation of its DPI capability was meant to show how it protected Huawei-equipped networks by detecting malicious code, WND sources say that the very same technology “can be very effectively used to conduct widespread industrial espionage and breach national telecommunications security.”
In denying this assertion, Plummer sent to WND the following statement, which is presented in its entirety:
Yet more unfortunate fact-twisting. For the record, with respect to the Huawei presentation referenced: Huawei was presenting a detailed overview of how customers can use a range of technologies to improve the performance of their networks, create value for their customers, and differentiate themselves from competitors. As is commonly and broadly understood, DPI enables operators to understand the performance of their systems and the usage by their customers – there are no capabilities to redirect or copy customer traffic. And, contrary to the representations in the article but consistent with common understanding, all capability is under the total control of the operator, including the installation of DPI software. These are facts.
Huawei has operations in some 140 countries and serves 45 of the world’s 50 largest telecom operators. It is the second largest supplier of mobile telecommunications infrastructure equipment in the world after Ericsson.
The magnitude of its operations worldwide has alarmed national security specialists who say Huawei’s covert capability to remotely access communications technology sold to the United States and other Western countries could disable a country’s telecommunications infrastructure before a military engagement.
Sources add that the Chinese government through the company’s “electronic backdoor” of telecommunications networks has the ability to exploit networks to steal technology and trade secrets, or even to sabotage electronic devices.
With this capability, China would be in a position to sabotage critical U.S. weapons systems and sensitive cyber sites, all of which could include intelligence or systems used by defense contractors doing work on behalf of the Department of Defense or the U.S. intelligence community.
To these security experts, however, Plummer’s statement to WND “is (Huawei’s) standard line.”
“But critical examination of their high level intelligence contacts, their business practices, their intercept and remote management technology and their government’s clearly stated cyber-warfare capabilities is certainly sufficient for any prudent operator of National Communications Security Agency or regulator to be extremely cautious,” one knowledgeable source told WND.
“But their presentation speaks very differently and folks who ‘know’ Huawei networks, also know differently,” he said.
“Of course, as a strategy, Huawei is spending up large around the world, hiring highly reputable figures to join their executive ranks. Naive folks who are retired from honorable professions – ex-military, ex-politicians, ex-government CIOs etc. and have little or no personal technical expertise (or are well and truly shielded from Huawei’s true operations) and are being turned into puppets by Huawei seeking credibility in the security space,” he added.
Experts say that DPI generally is a restricted technology because it is so pervasive. It operates at what experts call “line speeds” of up to multiples of 10 gigabytes per second and can “read” every packet in a data stream.
“Once you have access to every piece of data in a data stream,” the WND source said, “you can do literally anything with it. You can copy it, you can restrict it, you can control it – all at line speed – without any degradation of the signal.
“The challenge really is dealing with the volume of traffic in high speed links but, with advanced software, folks managing DPI appliances in networks have the capability of using advanced techniques such as protocol identification to strip out the stuff they want,” the source added. “When I say ‘strip out,’ in the Chinese sense, I mean intercept and copy.”
Huawei’s DPI presentation also referred to detecting and “block[ing] illegal applications” and referred to “VPNs,” or Very Private Networks, as an example.
VPNs interconnect remote networks through primarily public communication infrastructures such as the Internet. VPNs are a traditional way that users can bypass content security measures and provide secure access to corporate and government networks.
“And what is ‘blocking of illegal applications’ if it is not data interception, which has to occur in order to identify the traffic, and censorship,” the source added.
“Trying to hide all of this as Quality of Service monitoring is pretty feeble,” the security expert added. “And the risks of misuse are far too high, especially from a company with their demonstrated heritage in pirating software and hardware designs – a company that is run by a former military intelligence officer who refuses to appear in public or be interviewed, and a company taking massive Chinese government subsidies.
“And a critical point that Plummer has neglected to comment on is the increasing trend and business focus by Huawei to offer ‘Managed Network Service Contracts’ as part of their network rollouts,” the WND source said.
“These are contracts where Huawei actually manages all aspects of operations. So, ‘who’ is the network operator that has visibility…and they are doing these basically in non-commercial deals,” he said.
“And why would any company consistently offer services at below cost unless they had some discrete government subsidy, perhaps with a quid pro quo, or other ulterior motives in monitoring and managing the communications infrastructure of any national carrier?” he asked.
He and other sources alleged that Huawei has bribed company executives and now government officials to win contracts.
The sources tell WND that not only was Huawei allegedly caught trying to bribe an apparent federal official but the FBI has launched an investigation into the allegation.
Bribery of government officials, whether by U.S. companies to a foreign government official or foreigners toward U.S. government officials, is regarded as a serious violation of the Foreign Corrupt Practices Act, or FCPA.
Such an allegation dovetails with a similar experience by another source who told of an award by his company to do a major network security assessment of a certain country’s telecommunications network. He said that he and his colleagues were limited by the FCPA to only taking executives to dinner at a time when his company was competing with Huawei for a sizeable contract.
However, the source said that during the bidding process, Huawei put the company executives on private jets and gave them front row seats at the opening of the Beijing Olympics. After the deal was signed, he added, a number of “nice 600SL Mercedes were all delivered to (the company) headquarters.”
“I note that Plummer doesn’t comment on (how) Huawei penned a deal … and shortly after that,” the source said, “there was a fleet of 600SL Mercedes rolling up to the (foreign company’s) head office and were handed to the (company’s) executives.”
Previous WND reports extensively have documented the controversy.
A conference presentation by Huawei appeared to be a boast about hacking into systems and accessing or even manipulating data.
It was reported U.S. government agencies are unprepared to confront cyber war, since details about claims of “backdoor” access have been known for months.
Further, the “Occupying the Information High Ground” report said the Chinese military already has created an avenue for state-sponsored and state-directed penetrations of supply chains for electronics supporting U.S. military, government and civilian industry.
Also, it was revealed that fake electronic components from China have been found in thermal weapons sights delivered to the U.S. Army on mission computers for the Missile Defense Agency’s Terminal High Altitude Area Defense missiles.
Suspect electronic parts also were found in the Forward Looking InfraRed, or FLIR, Systems being used on Navy helicopters and other aircraft.
Senate investigators tracked some 1,800 cases of suspected counterfeit parts through the supply chain. It found that U.S. defense contractors had purchased many of the critical components from U.S. companies which in turn obtained them from Chinese firms but never subjected them to testing before handing them over to the U.S. military as part of their contract.
And another report said the issue appears to be connected to “unvetted independent distributors who supply electronic parts for critical military applications.”
F. Michael Maloof, a frequent G2Bulletin contributor, is a former senior security policy analyst in the Office of the Secretary of Defense. He can be contacted at [email protected]