#Huawei - Cybersecurity : 'Suspicion always haunts the guilty mind'

I have been advising Huawei for a number of years. Over that time I have been struck by the reluctance to adopt a fact-based approach to discussions about the company, writes Dick Roche.

The scorched earth approach of the current US administration is dangerous, foolhardy and illustrates a breadth taking double standard.

Shakespeare’s observation that “suspicion always haunts the guilty mind” applies.

The German public broadcaster ZDF and the Washington Post recently revealed an extraordinary arrangement entered into by the CIA and Germany’s Federal Intelligence Service, BND in 1970. The intelligence agencies bought the Swiss company Crypto AG whose products were widely used by governments around the world to ensure confidentiality in politically sensitive communications.  

The Post and ZDF investigation found that Crypto’s new owners inserted encryption weaknesses in its equipment allowing them to spy on the governments and state agencies of over 100 countries including many European states and to make a profit while doing so.  The CIA bought out the BND interest in the early 1990s and continued to profit in cash and intelligence from its Swiss investment until 2018 when it sold the company.

The revelations about Crypto barely merited a shrug from Washington or a blush from those who adhere to its line in the debate on Huawei.

The Crypto case should surprise nobody. The thousands of documents released by Edward Snowden in 2013 revealed extensive global US Internet and phone surveillance – on friend and foe alike- by US security agencies.

When directly challenged to produce evidence against Huawei US intelligence agencies see no need to do so: their suspicions are enough to go on as were their absolute convictions about ‘weapons of mass destruction’ in Iraq which did so much damage.

What are the facts?

Huawei is a remarkable company. Starting life in China as a small private company in 1987 it has become the leading global provider of information and communications technology (ICT) equipment and the second largest smartphone maker in the world.  It is a Fortune Global 500 company, ranked in the Top 100 Global Brands.

Huawei is a trusted partner of leading telecom operators in Europe and across the world. Its equipment is sold in 170 markets and serves over 3 billion phone users worldwide.

Research and development has been a key to Huawei’s success. Between 2009 and 2018 it spent over US $ 70 billion on R&D.

The company reinvests a minimum of 10% of annual revenues in R&D.

Huawei operates 23 research centres in Europe, is an active participant in EU research programmes and partners with over 150 European universities and research institutes. It has registered over 10,000 patents with the European Patents Office.  

In spite of its global status, Huawei is a private company owned by employees. 

Cyber security

The main focus of US attention on Huawei is cyber security in 5G.

Huawei has a solid track record in cyber security. It holds over 220 cyber security certifications globally.  It is the most audited, inspected, reviewed and critiqued global ICT equipment supplier in the world.

The attacks on Huawei ignore this and overlook the fact that the company does not operate telecom networks – it supplies ICT equipment, handsets and a range of other goods. The major global telecom operators who buy their equipment from Huawei care about their reputation and about network integrity– it would be commercial suicide not to do so.

In spite of the intense scrutiny that has been focused on it no ‘back-doors’ or malicious malware have been demonstrated in Huawei equipment.

US paranoia comes with a cost.

The US decision to ‘weaponise’ the global supply chain in its trade war with China poses a major threat to the rules based global trading system.  Major international players have signaled alarm at the damage than can be done.

In February, the president of the US semiconductor industry association urged those who say the damage of Mr. Trump’s policy is exaggerated “should talk to the U.S. semiconductor industry workers who are losing their jobs…”

The damage will not be confined to the US.  Huawei is a big customer for Europe. In 2018 it sourced goods and services valued at over €5.65 billion across Europe. It has committed to spending €35 billion sourcing services and parts from Europe between 2019 and 2023. Disturbing that it will hit European jobs.

Nick Read, Vodafone’s CEO urged EU Member States to consider who suffers the most if Huawei were to be blacklisted. In February he put the price tag of striping Huawei out of Vodafone’s existing UK network at €230 million. The cost for BT is estimated at over €570m.  Striping Huawei equipment out of existing networks across the EU 27 could cost EU consumers billions.

The cost does not stop with the adjusting existing infrastructure. Limiting the role of the world’s largest ICT supplier from Europe’s 5G build out will cut competition, limit equipment choice, impact on rollout timetables, and shove up costs.  Ironically limiting the number of suppliers could greatly increase security risks. 

Last year the American economist Jeffrey D. Sachs questioned the US attack on Huawei.  He warned that “stoking fears and acting on them rather than on evidence is the path to ruin”.  Sticking to rationality and evidence is, he suggested, the best way forward. He proposed that independent monitors are the better way to protect against treats.

The EU Commission 5G security toolbox launched in January proposes an approach to mitigating cybersecurity risks in Europe’s 5G networks that espouses an objective and fact based approach that looks very much in line with Sachs’ call for rationality and evidence.

Ultimately US policy on Huawei is not about cyber security, it’s about bare knuckle politics and the US belief in its right to determine global affairs and make nations bend to its will when determining their sovereign policies.

The outpourings from President Trump’s acting chief of staff, Mick Mulvaney, of Secretary of State Pompeo and US Defence Secretary Mark Esper in their efforts to strong-arm the UK government on 5G are a sign of what the EU Member States can expect in the weeks and months ahead as they determine their policies on 5G.

Cyber security is a complex issue – it is not a political football – forgetting that will be costly.

Dick Roche is a former Irish minister for European affairs and former environment minister.

Share this article: