Original URL: http://www.theregister.co.uk/2012/09/14/huawei_zte_congress_hearing/

Huawei, ZTE clash with US over national security

How big a risk can it be given US telco kit-makers do their manufacturing in China?

By Phil Muncaster

Posted in Networks, 14th September 2012 05:45 GMT

Chinese telecoms kit makers Huawei and ZTE failed to allay the long standing national security concerns of Congressmen surrounding their access to the US market, at a high profile hearing in Washington on Thursday.

The two have been in the spotlight for almost a year as the US House of Representatives Select Committee on Intelligence investigated claims that the two are linked to the Chinese military.

Chairman Mike Rogers kicked things off by explaining that the “on-going onslaught” of network intrusions originating in China are “almost certainly the work of, or done at the backing of, the Chinese government”, and that the PRC has the motive to tamper with the global telecoms supply chain.

“We have heard reports about backdoors or unexplained beaconing from the equipment sold by both companies. And our sources overseas tell us that there is a reason to question whether the companies are tied to the Chinese government or whether their equipment is as it appears,” he added.

“Huawei and ZTE provide a wealth of opportunities for Chinese intelligence agencies to insert malicious hardware or software implants into critical telecommunications components and systems. And under Chinese law, ZTE and Huawei would likely be required to cooperate with any request by the Chinese government to use their systems or access for malicious purposes.”

In response, both firms claimed they were fully independent of any government or PLA interference, as was claimed in a recent Northrop Grumman report.

Huawei SVP Charles Ding offered the following:

As a global company that earns a large part of its revenue from markets outside of China, we know that any improper behaviour would blemish our reputation, would have an adverse effect in the global market, and ultimately would strike a fatal blow to the company’s business operations. Our customers throughout the world trust Huawei. We will never do anything that undermines that trust. It would be immensely foolish for Huawei to risk involvement in national security or economic espionage.

Let me be clear - Huawei has not and will not jeopardise our global commercial success nor the integrity of our customers’ networks for any third party, government or otherwise. Ever.

Both also bigged up their security credentials, adherence to advanced standards and on-going efforts to improve the quality of their equipment. They also pointed out quite pertinently that most of their Western rivals in the telecoms caper have their kit made in China.

“We respectfully suggest that the Committee’s focus on ZTE, to the exclusion of the Western telecom vendors, addresses the overall issue of risk so narrowly that it omits from the Committee’s inquiry the suppliers of the vast majority of equipment used in the US market,” said ZTE SVP Zhu Jinyun.

“ZTE should not be a focus of this investigation to the exclusion of the much larger Western vendors.”

However, the two were unwilling to budge on the most important matter – allowing investigators deeper access to business information to explain their relationship with the Chinese authorities, corporate structure, ownership operations and management.

“We were willing to work with both companies, to find a reasonable way to answer our documents requests. But the companies refused, apparently because to turn over internal corporate documents would potentially violate China’s state-secret laws,” said Rogers.

“It is strange the internal corporate documents of purportedly private sector firms are considered classified secrets in China. This fact alone gives us a reason to question their independence.”

Huawei’s Ding responded that “the requests also sought highly sensitive, proprietary business information, which, we respectfully submit, no responsible company, foreign or domestic, would voluntarily produce”.

So there we are. Short of both companies doing a monumental U-turn and allowing the US Committee access to this secret information, there seems little hope of a breakthrough.

Rightly or wrongly, the continued intelligence linking persistent cyber attacks on US organisations originating from China will likely keep US politicians from softening their stance, despite the large sums of money both firms are already ploughing into the US economy. ®