By F. Michael Maloof
WASHINGTON – The Chinese government has “pervasive access” to some 80 percent of the world’s communications, giving it the ability to undertake remote industrial espionage and even electronic sabotage of critical infrastructure in the United States and other industrialized countries.
The Chinese government and its People’s Liberation Army are acquiring the access through two Chinese companies, Huawei Technologies Co. Ltd and ZTE Corporation, telecommunications experts have told WND.
With this access, the sources say, the Chinese are working on the other 20 percent. The two companies give the Chinese remote electronic “backdoor” access through the equipment they have installed in telecommunications networks in 140 countries. The Chinese companies service 45 of the world’s 50 largest telecom operators.
In 2000, Huawei was virtually unknown outside China, but by 2009 it had grown to be one of the largest, second only to Ericsson.
As a consequence, sources say that any information traversing “any” Huawei-equipped network isn’t safe unless it has military encryption. One source warned, “even then, there is no doubt that the Chinese are working very hard to decipher anything encrypted that they intercept.”
Sources add that most corporate telecommunications networks use “pretty light encryption” on their virtual private networks, or VPNs.
One of the main suppliers of VPN technology is the U.S.-based company RSA, which recently had its own protocols breached by hackers.
The problem is compounded by the fact that companies communicating using VPNs with partner companies in countries such as Mexico “are probably leaking like sieves.”
“Any U.S. company that deals with a Mexican company or any foreign company in a country where Huawei has installed network equipment is potentially entirely compromised,” the source said.
And it doesn’t have to be a Third World country.
British Telecom apparently is a major user of Huawei equipment in its core networks, and Britain is one of the biggest U.S. allies, with numerous electronic business exchanges occurring daily among companies.
The Chinese carry out the electronic intrusions remotely, through the commercial networks that Huawei and ZTE have established in numerous countries.
Sources point out that the Chinese make use of telecommunications equipment from Huawei and ZTE very attractive by offering subsidized deals through Chinese banks at non-commercial terms with which Western companies cannot compete.
The Chinese banks, under the guidance of the Chinese government, then supply national telecommunications infrastructure and don’t seek payment on any of the equipment for years, informed sources say.
Similar Chinese government financing with Huawei and ZTE as the main beneficiaries reportedly is taking place also in Malaysia with DiGi, Globe in the Philippines, Megafon in Russia, Etisalat in the United Arab Emirates, America Movil in a number of countries, Tele Norte in Brazil and Reliance in India.
The method of financing has made deals using Huawei and ZTE equipment very attractive at a time when financing is restrictive unless other vendors can supply their own financing, which is becoming increasingly difficult to acquire.
America Movil and Reliance, for example, recently signed loan agreements for more than $1 billion with the China Development Bank, or CDB, which in turn is tied to the Chinese vendor equipment purchases from Huawei and ZTE.
Even the head of CDB recently commented that through its support for Chinese technology companies such as Huawei and ZTE, the CDB has “become the principal source of finance of our country’s overseas investments.”
Sources pointed to two recent instances in Peru and Mexico in which their governments invested heavily in Huawei technology for their national telecommunications systems.
Nextel Peru had 3G communications technology installed by Huawei, giving the company the ability to “tap the vast potential of 3G and mobile broadband services,” according to a Huawei statement. Huawei also looks forward to upgrading the system with additional software as usage increases.
Similarly in Mexico, a source told of a $375 million bank loan from the CDB to fund a 3G network infrastructure to be built by Huawei on behalf of Nextel Mexico.
Nii Holdings, which owns Nextel Mexico, had signed agreements with Huawei to build Nextel Mexico’s 3G network.
“We believe this financing places us in a strong position to evolve our business while pursuing our growth initiatives in Mexico,” Gokul Hemmady, executive vice president and chief financial officer of NII Holdings said last year.
Under those conditions, “how do you differentiate between clever government business and state-sponsored cyber-espionage?” the WND source asked.
“I guess when you are dealing with the Chinese and their stated military aim is global cyber superiority, then it just flows like night to day,” the source said.
Having Huawei install the systems in Peru and Mexico, the source said, provides a “perfect cover” for using the network equipment to inject viruses and bypass anti-virus protection, firewalls and other traditional security mechanisms.
He added that any U.S. company that deals with foreign countries that have incorporated Huawei and ZTE technology into their national telecom systems is in serious jeopardy of industrial espionage without knowing it. The problem is especially serious, he said, in this period of globalization in which companies deal routinely on a daily basis in the exchange of sensitive, proprietary information, potentially jeopardizing any protection of intellectual properties.
U.S. House probe
As WND previously reported, the potential for industrial espionage and sabotage through electronic backdoors has grabbed the attention of the U.S. House Intelligence Committee which has decided to investigate Huawei and ZTE.
The concern not only is in protecting proprietary information but the potential threat to critical U.S. infrastructure and national security.
Because of the concern, the U.S. Commerce Department late last year barred Huawei from participating in a project to build a national wireless network, a specialty of the company. While the Commerce Department has declined official comment on the basis for the decision, citing national security reasons, sources tell WND that the concern is the company’s connection to the Chinese People’s Liberation Army.
There also are allegations surfacing that Huawei may have attempted to bribe a U.S. government official, prompting an investigation by the Federal Bureau of Investigation, sources tell WND.
A report put out in March by the congressional U.S.-China Economic and Security Review Commission also had warned that Huawei and ZTE were examples of high technology companies the Chinese government could use to enter remotely into telecommunications systems and computers linked to them to gain undetected access to sensitive data.
It warned that the Chinese military, through its large Chinese telecommunications firms, has created an avenue for state-sponsored and state-directed penetrations of supply chains for electronics supporting U.S. military, government and civilian industry.
“Successful penetration of a supply chain such as that for the telecommunications industry has the potential to cause the catastrophic failure of systems and networks supporting critical infrastructure for national security or public safety,” the report said.
“Potential effects include providing an adversary with capabilities to gain covert access and monitoring of sensitive systems, to degrade a system’s mission effectiveness, or to insert false information or instructions that could cause premature failure or complete remote control or destruction of the targeted system.”
The report pointed out Chinese capabilities in computer network operations have advanced sufficiently to pose a genuine risk to U.S. military operations in the event of a conflict.
“PLA analysts,” the report said, “consistently identify logistics and C4ISR infrastructure as U.S. strategic centers of gravity suggesting that PLA commanders will almost certainly attempt to target these systems with both electronic countermeasure weapons and network attack and exploitation tools, likely in advance of actual combat to delay U.S. entry or degrade capabilities in a conflict.”
The report, titled “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage,” said that many of the findings actually came from Chinese source materials, including authoritative PLA publications.
While Huawei has denied to WND that it has capabilities that are of concern to the House Intelligence Committee, sources point to a particular technology that Huawei has developed called Deep Packet Inspection, or DPI, which gives it and ZTE capabilities that pose potential threats to U.S. security.
DPI is the key technology in high-capacity data interception and mining, according to a WND source who viewed Huawei’s PowerPoint presentation.
The entire matter became an issue when Huawei last February spoke of its DPI capability in a PowerPoint presentation at the annual Intelligence Supportive Systems World Middle East and African Law Enforcement, Intelligence and Homeland Security conference in Dubai.
While Huawei’s presentation of its DPI capability was meant to show how it protected Huawei-equipped networks by detecting malicious code, WND sources say that the very same technology “can be very effectively used to conduct widespread industrial espionage and breach national telecommunications security.”
The magnitude of Huawei’s operations worldwide has alarmed national security specialists who say its covert capability to remotely access communications technology sold to the U.S. and other Western countries could disable a country’s telecommunications infrastructure before a military engagement.
Sources add that the Chinese government, through the company’s “electronic backdoor” of telecommunications networks, has the ability to exploit networks to steal technology and trade secrets, or even to sabotage electronic devices.
With this capability, China would be in a position to sabotage critical U.S. weapons systems and sensitive cyber sites, all of which could include intelligence or systems used by defense contractors doing work on behalf of the Department of Defense or the U.S. intelligence community.
The source referred to Huawei’s ability through its DPI technology for “data mirroring,” which was referred to in its presentation. The WND source said this was just “plain old interception.”
Experts say DPI generally is a restricted technology because it is so pervasive. It operates at what experts call “line speeds” of up to multiples of 10 gigabytes per second and can “read” every packet in a data stream.
“Once you have access to every piece of data in a data stream,” the WND source said, “you can do literally anything with it. You can copy it, you can restrict it, you can control it – all at line speed – without any degradation of the signal.
“The challenge really is dealing with the volume of traffic in high speed links, but with advanced software, folks managing DPI appliances in networks have the capability of using advanced techniques such as protocol identification to strip out the stuff they want,” the source added. “When I say ‘strip out,’ in the Chinese sense I mean intercept and copy.”
Huawei’s DPI presentation also referred to detecting and “block[ing] illegal applications” and referred to “VPNs,” or virtual private networks, as an example.
VPNs interconnect remote networks through primarily public communication infrastructures such as the Internet. VPNs are a traditional way that users can bypass content security measures and provide secure access to corporate and government networks.
“And what is ‘blocking of illegal applications’ if it is not data interception, which has to occur in order to identify the traffic, and censorship,” the source added.
“Trying to hide all of this as Quality of Service monitoring is pretty feeble,” the security expert said. “And the risks of misuse are far too high, especially from a company with their demonstrated heritage in pirating software and hardware designs – a company that is run by a former military intelligence officer who refuses to appear in public or be interviewed, and a company taking massive Chinese government subsidies.”
The security expert also referred to Huawei’s offer of “Managed Network Service Contracts” in which the Chinese company “actually manages all aspects of operations.
“So, ‘who’ is the network operator that has visibility … and they are doing these basically in non-commercial deals,” he said.
“And why would any company consistently offer services at below cost unless they had some discrete government subsidy, perhaps with a quid pro quo, or other ulterior motives in monitoring and managing the communications infrastructure of any national carrier?” he asked.
He and other sources alleged that Huawei has bribed company executives and now government officials to win contracts.
The sources tell WND that not only was Huawei allegedly caught trying to bribe an apparent federal official, but the FBI has launched an investigation into the allegation.
Bribery of government officials, whether by U.S. companies to a foreign government official or foreigners toward U.S. government officials, is regarded as a serious violation of the Foreign Corrupt Practices Act, or FCPA.
Such an allegation dovetails with a similar experience by another source who told of an award by his company to do a major network security assessment of a certain country’s telecommunications network. He said that he and his colleagues were limited by the FCPA to only taking executives to dinner at a time when his company was competing with Huawei for a sizeable contract.
However, the source said that during the bidding process, Huawei put the company executives on private jets and gave them front row seats at the opening of the Beijing Olympics. After the deal was signed, he added, a number of “nice 600SL Mercedes were all delivered to (the company) headquarters.”
Previous WND reports extensively have documented the controversy.
A conference presentation by Huawei appeared to be a boast about hacking into systems and accessing or even manipulating data.
It was reported U.S. government agencies are unprepared to confront cyber war, since details about claims of “backdoor” access have been known for months.
Further, the “Occupying the Information High Ground” report said the Chinese military already has created an avenue for state-sponsored and state-directed penetrations of supply chains for electronics supporting U.S. military, government and civilian industry.
Also, it was revealed that fake electronic components from China have been found in thermal weapons sights delivered to the U.S. Army and on mission computers for the Missile Defense Agency’s Terminal High Altitude Area Defense missiles.
Suspect electronic parts also were found in the Forward Looking InfraRed, or FLIR, Systems being used on Navy helicopters and other aircraft.
Senate investigators tracked some 1,800 cases of suspected counterfeit parts through the supply chain. They found that U.S. defense contractors had purchased many of the critical components from U.S. companies, which in turn obtained them from Chinese firms but never subjected them to testing before handing them over to the U.S. military as part of their contract.
And another report said the issue appears to be connected to “unvetted independent distributors who supply electronic parts for critical military applications.”
F. Michael Maloof, staff writer for the WND/G2Bulletin, is a former senior security policy analyst in the Office of the Secretary of Defense.