Huawei, Huawei. Huawei, Huawei. Feeling hot, hot, hot: US threatens to cut UK from intel sharing over Chinese tech giant

War over Middle Kingdom's 5G gear heats up

Analysis Fallout over a leaked decision by the UK government to allow equipment from Chinese manufacturer Huawei into Britain's "non-core" 5G networks has continued into a second week.

On Monday, deputy assistant secretary at the US State Department Robert Strayer told the press that as far as America was concerned there is no difference between core and non-core networks, and again issued a threat to withdraw intelligence sharing from the Brits if their government approves the use of Huawei networking equipment.

"It is the United States' position that putting Huawei or any other untrustworthy vendor in any part of the 5G telecommunications network is a risk," Strayer said. "If other countries insert and allow untrusted vendors to build out and become the vendors for their 5G networks we will have to reassess the ability for us to share information and be connected with them in the ways that we are today."

The statement comes amid a political row in the UK over how the decision to allow Huawei equipment onto the majority of its 5G networks emerged in public in the first place. The green light was was given at a secret meeting of the National Security Council (NSC) last week, but details found their way into journalists' hands so quickly that the decision itself was nearly overrun by outrage over the fact it leaked.

Those with the most to gain from leaking the information – those opposed to the decision, including cabinet ministers Jeremy Hunt, Sajid Javid, Gavin Williamson, Liam Fox, and Penny Mordaunt – have all denied being the source.

But in a sign that the process is being closely watched by all sides, the Chinese government used an editorial in the Global Times on Monday to make its views known on the leak's providence: the US intelligence services.

"The decision to involve Huawei in 5G is more likely a matter of loyalty to the US. Washington demands that all its allies suppress Huawei. Some contend these diplomatic considerations should dominate the UK's final decision," the editorial reads before stating:

"Such unprecedented leaks reflect the ability of the US to intervene in UK affairs. Washington can infiltrate the UK's most confidential meeting and leak the information to the press in order to trigger immediate resistance from the opposition."

Brexit Britain

On the one hand, this could be Beijing spit-balling or muddying the waters. Journalists were being quietly briefed on all sorts of issues last week, as GCHQ's National Cyber Security Centre was holding a computer security event in Scotland for the media at the time, and it was Britain's Daily Telegraph that broke the news of the NSC decision on Huawei.

On the other hand, it is an extraordinary thing to consider, bonkers even: that the US intelligence services have infiltrated the UK government at the most senior levels to the extent that cabinet ministers would put foreign interests ahead of their own government. But this is the era of Brexit Britain and anything is possible.

It would certainly be in the United States' interests to have the details of the NSC meeting made public immediately in order to rally support behind those opposed to Huawei in an effort to pressure UK prime minister Theresa May to change her mind before the policy is set in stone.

And the renewed threat to withdraw intelligence sharing – something that is unlikely to happen in reality – is seemingly geared to empower those in a position to pressure Theresa May to backtrack on the decision. May's government is highly unstable at the moment thanks to the ongoing Brexit mess and she needs as much political support as she can get.

The UK's decision is particularly important in the larger global battle between the US and China as it could prove to be the tipping point for a host of other countries in deciding whether to allow Huawei equipment into their next-generation mobile networks.

Europe has already made it plain that it will reject overt US pressure. EC president Jean-Claude Juncker said late last week that he would not block Chinese companies if they follow market rules. "We are not rejecting someone because he is coming from faraway, because he is Chinese, the rules have to be respected," Juncker told reporters when asked specifically about US pressure over Huawei and 5G networks.

Juncker's comment reiterate the position of German chancellor Angela Merkel who has also made it clear that she will not approve a ban on Huawei.

But the US campaign has had some success: Australia and New Zealand have agreed to a Huawei equipment ban and the reason they gave was the same being pushed by the US: that the equipment represents a security risk.

Broader topics

Other stories you might like

  • Cisco warns of security holes in its security appliances
    Bugs potentially useful for rogue insiders, admin account hijackers

    Cisco has alerted customers to another four vulnerabilities in its products, including a high-severity flaw in its email and web security appliances. 

    The networking giant has issued a patch for that bug, tracked as CVE-2022-20664. The flaw is present in the web management interface of Cisco's Secure Email and Web Manager and Email Security Appliance in both the virtual and hardware appliances. Some earlier versions of both products, we note, have reached end of life, and so the manufacturer won't release fixes; it instead told customers to migrate to a newer version and dump the old.

    This bug received a 7.7 out of 10 CVSS severity score, and Cisco noted that its security team is not aware of any in-the-wild exploitation, so far. That said, given the speed of reverse engineering, that day is likely to come. 

    Continue reading
  • Google battles bots, puts Workspace admins on alert
    No security alert fatigue here

    Google has added API security tools and Workspace (formerly G-Suite) admin alerts about potentially risky configuration changes such as super admin passwords resets.

    The API capabilities – aptly named "Advanced API Security" – are built on top of Apigee, the API management platform that the web giant bought for $625 million six years ago.

    As API data makes up an increasing amount of internet traffic – Cloudflare says more than 50 percent of all of the traffic it processes is API based, and it's growing twice as fast as traditional web traffic – API security becomes more important to enterprises. Malicious actors can use API calls to bypass network security measures and connect directly to backend systems or launch DDoS attacks.

    Continue reading
  • 5G C-band rollout at US airports slowed over radio altimeter safety fears
    Well, they did say from July, now they really mean from July 2023

    America's aviation watchdog has said the rollout of 5G C-band coverage near US airports won't fully start until next year, delaying some travelers' access to better cellular broadband at crowded terminals.

    Acting FAA Administrator Billy Nolen said in a statement this month that its discussions with wireless carriers "have identified a path that will continue to enable aviation and 5G C-band wireless to safely co-exist."

    5G C-band operates between 3.7-3.98GHz, near the 4.2-4.4GHz band used by radio altimeters that are jolly useful for landing planes in limited visibility. There is or was a fear that these cellular signals, such as from cell towers close to airports, could bleed into the frequencies used by aircraft and cause radio altimeters to display an incorrect reading. C-band technology, which promises faster mobile broadband, was supposed to roll out nationwide on Verizon, AT&T and T-Mobile US's networks, but some deployments have been paused near airports due to these concerns. 

    Continue reading

Biting the hand that feeds IT © 1998–2022