The head of the Australian Signals Directorate, the Down Under equivalent of America's NSA, has said Chinese vendors Huawei and ZTE would be a threat to critical infrastructure if they were allowed to take part in building the country's 5G networks.
In a rare public speech, ASD boss Mike Burgess said “a potential threat anywhere in the network is a threat to the whole network”.
It's “paramount” that Australia gets critical infrastructure security right, he said.
Without explicitly calling out China, Burgess said decisions to exclude “high risk vendors” from Australian infrastructure was was “supported by technical advice from our agency”.
Huawei long suffered under an informal ban from participation in Australia's National Broadband Network (NBN) project, before the restriction was publicly confirmed in 2013.
In August this year, ZTE and Huawei were both formally blocked from bidding for Australian 5G projects.
Burgess reiterated what prime minister Scott Morrison and communications minister Mitch Fifield said in August, that 5G network architecture blurs the distinction between “core” and “edge” elements. In older architectures, the ASD had tolerated “high risk vendors” in edge infrastructure, but blocked them from the network core.
Chinese Super Micro 'spy chip' story gets even more strange as everyone doubles downREAD MORE
The Australian Broadcasting Corporation reported Burgess' concerns extend to a future in which so-called “supply chain” attacks threaten infrastructure as broad as “health equipment, banking, traffic control systems, aviation and food transport and storage”.
However, when it came to the most-publicised supply chain attack of recent times, Bloomberg's sensational but contested claim that Super Micro servers were compromised by Chinese interests, Burgess joined the tribe of sceptics.
Asked by senator Alex Gallacher to comment on the issue in the Senate Foreign Affairs, Defence, and Trade Legislation committee, Burgess said: “there is, as we understand it, no substance to that article. Both the United States and the United Kingdom governments have said that that's the case, and the companies involved—Apple and others—have also said there is no evidence of this.”
His colleague, Australian Cyber Security Centre head Alex MacGibbon said the “there's no evidence from any of our allies that the assertions in the Bloomberg article are indeed correct,” citing the UK's National Cyber Security Centre and the US Department of Homeland Security. ®