After publicly pressuring its allies to ban Huawei equipment in their 5G networks, US officials are now publicly accusing the Chinese telecom giant of being able to spy on mobile data. The allegations, reported by the Wall Street Journal on Tuesday, represent the first specific concern the US has articulated about Huawei after months of conceptual arguments.
The details around the accusation remain vague, indicating that Huawei may be able to spy on access points meant for law enforcement. US officials speaking to the Journal apparently declined to say whether the company had actually done so. But while suggesting a potential mechanism for improper surveillance does heighten the debate between the US and Huawei, it also hints at a deeper self-awareness on the part of US officials. In truth, the intelligence community fears Huawei for a fundamental reason: China will take whatever advantage it can, not unlike the US has done in the past.
US officials have previously said they didn’t need to justify their reservations about Huawei and the potential that the company’s equipment could contain Chinese government backdoors. But a number of US allies are taking a different approach to dealing with the telecom giant, hoping to manage the potential risks rather than banning Huawei equipment altogether. The United Kingdom, for example, has maintained an auditing facility in China for years adjacent to Huawei’s headquarters. And a UK security analysis from last year found that Huawei has more pressing security issues from sloppy, flawed code than from Chinese espionage. Meanwhile, the German legislature will soon vote on a bill that would allow Huawei equipment in German 5G infrastructure if the telecom makes promises about the integrity of its security protections.
Still, researchers say that it’s unclear what exactly the US is alleging on a technical level with its new allegations that Huawei maintains network access that other manufacturers don’t.
“We would need to have more details to be able to draw any conclusions,” says Lukasz Olejnik, an independent cybersecurity researcher and advisor. “We know that forms of technical lawful intercept are a feature of all generations of cellular telecom specifications. But it’s unclear what officials in the Wall Street Journal story are referring to exactly.”
If Huawei has been abusing law enforcement access capabilities to clandestinely gather or funnel user communication data, it would be an example of the types of backdoors US officials have warned against. Huawei has vigorously denied that it conducts wrongful surveillance or that it cooperates with the Chinese government by creating backdoors in its network systems. But US government officials have pointed out that China is an authoritarian state that maintains laws about corporate cooperation with government demands.
Furthermore, the US knows all too well that private companies can be infiltrated for espionage or technical control. Take the Swiss secure communications and equipment firm Crypto AG, which operated for decades under secret US intelligence control. Components of the scheme came to light over the years, but Crypto AG continued to operate until 2018, selling security tools with weakened encryption to foreign governments. In the most comprehensive expose on the operation to date, the Washington Post reported on Tuesday that Crypto AG was co-owned and managed from the 1940s by the CIA and West German intelligence (later the German agency, the BND) until the early 1990s, when the BND sold its stake to the CIA.
Crypto AG had a strong business selling security equipment to more than 120 countries, according the Washington Post, including India, Pakistan, and Iran. The Soviet Union and China never bought Crypto AG equipment, citing concerns about links to Western governments.