Tag Archives: security



This summer has been hot in Canada, but – if you excuse mixing cliches – it’s nothing like the heat Chinese networking equipment manufacturer Huawei has been facing.

Last week the Globe and Mail reported unnamed senior government officials as saying Prime Minister Justin Trudeau is “increasingly alarmed” about the national security threat the company’s products may pose and is working with other Western countries to limit Huawei’s ability to become a leader in next-generation 5G wireless networks.

Among the concerns, the Globe says, is that under Communist Party law, Chinese companies must work for their intelligence agencies if requested. There are worries Huawei equipment in sensitive parts of government networks could be used to steal data, or shut down communications.

Not only has U.S. national security advisor John Bolton stressed the need for joint American-Canadian policy on Huawei, the paper reported, but earlier in June a senior U.S. senator reportedly asked the director of the U.S. National Security Agency to “educate” members of the Five Eyes intelligence sharing countries — including Canada – about the threat posed by Huawei.

In May the Globe carried an extensive feature on Huawei Canada’s funding of wireless research in Canadian universities, raising questions about whether the Chinese company is using professors and students here to gain 5G intellectual property.

Meanwhile, according to Reuters last month, Australia (another Five Eyes member) may forbid Huawei from supplying equipment for its planned 5G broadband network. And in Britain, where the government established a Huawei Cyber Security Evaluation Centre seven years ago to examine and mitigate potential risks posed by Huawei products in U.K. critical infrastructure, the centre’s oversight board said in its latest report that certain technical issues have been found in the manufacturer’s engineering processes that have led to new risks. Four issues – two low-rated finding and two advisory issues – were raised in this report. One of the main ones was the lack of lifecycle management over third-party components.

Reports like these frustrate Scott Bradley, Huawei Canada’s vice-president of corporate affairs, who said the company keeps its nose clean. “We do not bid on Canadain federal government contracts,” he said in an interview. When asked why, he said that “through the course of the last decade we’ve understood that it’s important for us to focus on areas of business where we believe we can be competitive” in Canada … “we recognize there are sensitive areas where we wouldn’t necessarily go and bid for government contracts.”

Instead, it focuses on selling handsets and networking equipment to the country’s carriers. Sales of network equipment to enterprises is only a small part of the Canadian operation.

As for the worries about funding wireless research in universities, Bradley said what is being paid for and received is open for inspection. “We’ve always felt what better way can you be transparent” than fund work at a university, he said. “They are being given pretty significant insight into what we are trying to develop … We basically are opening up what we are doing from a research perspective … That is the barometer of how you can be more open.”

Among the most recent announcements, Ontario’s Seneca College signed a long-term deal last December to deliver training programs for Huawei partners on the company’s products and solutions; Carleton University agreed to expand its Huawei Canada Research Centre to include 5G communications research (see below); and Huawei joined the Centre of Excellence in Next Generation Networks outside Ottawa, joining Cisco Systems, Juniper Networks, Mitel Networks and major telcos among others. Huawei also sponsors a pre-game NHL show on Rogers.

“We work openly and transparently with the government of Canada, and have for a decade, to ensure that we operate in a manner that is consistent with the objectives of the Canadian government,” said Bradley. “We also recognize that our goal is to work within a competitive ICT [information and communications technologies] ecosystem. Every indication we have certainly reflects what we believe is an objective to have a competitive ICT ecosystem in Canada, and we operate within that environment.”

When it was suggested that because the company can operate here isn’t inconsistent with the government having a security worry about critical infrastructure, Bradley replied that “in some key areas, such as critical infrastructure, we’ve been working with the government to ensure what we are doing is meeting their requirements.”

“We only go by what we are told by the government of Canada,” he said – which so far hasn’t banned carriers from using Huawei equipment. “We hope that the fact that we operate in Canada suggests we are doing everything we need to do to meet the requirements of the government in the security front. If there were security issues we would not be operating in Canada.”

He wouldn’t comment on the allegation that Chinese companies could be forced to work with the country’s intelligence agencies.

Russia, China hacking allegations

Allegations by some Western governments about Huawei dates back years, but today it comes amid increasing reports of China and Russia hacking into critical infrastructure in a number of countries. It’s no coincidence that as U.S. intelligence agencies mount more evidence of Russian hacking surrounding the 2016 federal election and an allegation that Russia was behind cyber attacks on U.S. utilities that products from Moscow-based Kaspersky has been banned from U.S. government departments. Similarly the U.S. has blamed China for the massive heist of government personnel files in 2015 from the Office of Personnel Management, and Canada has blamed China for the 2014 hack of the National Research Council.

Former Canadian national security advisor Richard Fadden is among those who have also been giving public warnings about the two countries. At an urban security conference in February in Toronto he said Russia and China “ are going to change the world in a fundamental way” in part through using the Internet for espionage “and to a limited degree support for terrorism.”

Bradley appeared to be referring to this obliquely when he said “obviously there’s a lot going on globally as it relates to other countries … It is a complex geo-political environment right now. Most Canadians understand and recognize the complexity that exists globally.”

How this affects Huawei networking equipment sales to carriers or businesses in North America is a question. Canadian telecom analyst Mark Goldberg wouldn’t talk about Huawei specifically, but he did say the issue of corporate buying of network equipment in general leads to the need for security certification of electronic devices.

“The complexity of software systems is such that there is ultimately an issue of trust in the ethics of the suppliers,” he said in an email. “Is it possible for code to be written for communications devices in a way that permits undetectable eavesdropping, espionage or other forms of nefarious behaviour? I think we would have to be naive and somewhat arrogant to think that we could test for such code in a lab. Is there motive for state or corporate actors to behave badly given the opportunity? The answer to that has to be ‘yes’, so it comes down to corporate ethics and an examination of the record of these suppliers.

“When we look at mutual funds, we are generally warned that past performance should not be used as an indicator of future behaviour. However, in the case of looking at companies that are supplying critical infrastructure, the history of corporate performance should probably be part of the security checklist. Would you trust them to safeguard your deepest secrets, your corporate assets, your government communications infrastructure?”

‘Do your own testing’

Networking industry analyst and consultant Zeus Kerravala said he advises enterprises that “the [U.S.] government has issued warnings about Huawei but there really isn’t any proof. It’s similar to what the Chinese are saying about U.S. companies where they could be spying on China. It’s all conjecture and speculation with no proof. However, I believe, until this is settled, if a company is on the fence, then don’t do it (buy from Huawei).

“If there is a compelling reason to buy it, then bring it into your labs and then do their own testing. Huawei makes very good products but so do other vendors.”

Ultimately, Bradley said, the attacks on Huawei are partly political and partly competitive. His company and Ericsson are the only major manufacturers able to deliver 5G networking equipment, with others hoping to get a piece of the pie. “It should also be assumed – some of our customers know this – that our competitors are doing everything they possibly can to keep us out of the marketplace. They don’t want us in the marketplace because we make great products and we are competitors.”

So does Huawei feel it’s being ganged up on? No, Bradley replied. The opportunity for 5G is huge. It will be a transformative technology, with sales worth billions. As a result, he said governments are working out their policies. But, he repeated, “as competitors try to find an edge they will do whatever they can to grab that market.”

“We know people are looking at us. We have no choice but to conduct our operations and our research in the best and most positive ways possible. If we didn’t do that we would not be here.”

Original article can be found on itworldcanada.com.

Written August 10, 2018