Breach Preparedness , Critical Infrastructure Security , Cyberwarfare / Nation-state attacks

Trump Signs Executive Order That Could Ban Huawei

Commerce Department Bars Huawei From Buying US Components
Trump Signs Executive Order That Could Ban Huawei

U.S. President Donald Trump on Wednesday signed a long expected executive order that bans the purchase of telecommunication equipment from nations deemed to pose a spying risk.

See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions

The order, widely believed to target Chinese telecommunication vendor Huawei, gives the U.S. the power to ban any equipment that "poses an undue risk of sabotage to or subversion of the design." The Chinese company isn't named in the order, and no specific countries are mentioned.

"To deal with this threat, additional steps are required to protect the security, integrity and reliability of information and communications technology and services provided and used in the United States," Trump's order reads. "In light of these findings, I hereby declare a national emergency with respect to this threat."

The executive order increases the pressure on Huawei. In August 2018, Trump signed into the law the Defense Authorization Act, which included a provision that banned the U.S. government from using Huawei and another Chinese telecommunications company, ZTE equipment.

Huawei officials could not be immediately reached for comment.

"To deal with this threat, additional steps are required to protect the security, integrity, and reliability of information and communications technology and services provided and used in the United States."
—President Donald Trump

Trump's order comes amidst increasing tension with China. Earlier this week, the U.S. and China imposed billions of dollars in tariffs on each other's goods as part of a continuing tense dialog over trade.

It also comes as the U.S. is trying to dissuade the U.K. from using Huawei equipment for 5G mobile networking. The U.K. believes the risk is manageable and the equipment could be used for "noncore" purposes, but it does have concerns about Huawei's security practices. Meanwhile, Australia, New Zealand and Japan have barred Huawei and ZTE (see: Huawei's Role in 5G Networks: A Matter of Trust).

Over nearly a decade, the U.S. has ratcheted up pressure on China, accusing the country of running state-sponsored hacking campaigns that stole intellectual property of U.S. companies. Federal prosecutors have filed indictments against members of the Chinese military, and at times, photos of the accused as part of a high-profile strategy (see: US Again Indicts Chinese Intel Agents Over Hacking).

Chinese hackers have also been blamed for some of the largest data breaches in the U.S., including that of health insurer Anthem and the U.S. Office of Personnel Management (see: Chinese Men Charged With Hacking Health Insurer Anthem).

Huawei: Price Competitive

Huawei has developed into a telecommunications giant in part because of its price competitiveness. The Rural Wireless Association, which represents U.S. wireless carriers with less than 100,000 customers, urged against a ban in a December 2018 filing with the Federal Communications Commission.

The FCC is considering banning subsidies, which come from the Universal Services Fund, to rural carriers using vendors deemed to be a national security risk. But the RWA has argued that could hurt rural wireless broadband and "fundamentally fail to effectively protect national security."

Another complication in the 5G equation is that there aren't many companies that make the necessary switches and networking gear. Aside from Huawei, the other largest vendors are Ericsson and Nokia.

Huawei employees during morning exercises at the company's facilities in Songshan Lake in Dongguan, Guangdong, in 2017. (Photo: Huawei)

There have been persistent concerns that China's government may be able to force homegrown companies into helping with its espionage activities. Huawei has maintained that it does not assist the Chinese government in spying.

But two years ago, China passed its National Intelligence Law that appears to give the Chinese government power to compel companies to assist it, argues Murray Scot Tanner, a principal policy analyst for Alion Science and Technology in a July 2017 essay on Lawfare.

The fast data-transfer speeds of 5G networks could help to fuel new waves of innovation, from autonomous vehicles to the internet of things. Those networks will carry not only sensitive data, but life-critical data, and integrity of the networking equipment is crucial to preserve nations' national security (see: What's Riding on 5G Security? The Internet of Everything).

Aside from spying concerns, the U.K.'s signal intelligence agency, the National Cyber Security Centre, has said Huawei's equipment has "defects," which pose questions about the company's cybersecurity standards (see: Huawei Security Shortcomings Cited by British Intelligence).

The U.K. has yet to decide whether Huawei can be a 5G supplier. But the U.S. has warned that if it does allow Huawei, it could stop sharing intelligence with the U.K. In a February trip to Europe, Secretary of State Mike Pompeo and other U.S. diplomats warned other European nations against supply chain risks (see: US Intensifies Pressure on Allies to Avoid Huawei, ZTE).

Commerce Department Hits Huawei

Also on Wednesday, Reuters reported that U.S. Commerce Department put Huawei and 70 other affiliates on a list of those banned from buying U.S. components without the government's approval. Huawei would need to obtain a license.

Speaking at a conference in Washington on Tuesday, Commerce Department Secretary Wilbur L. Ross maintained that the dispute with China is not about a "clash of civilizations" but rather "fair versus unfair."

"Our trade dispute with China is also about making sure that our companies' most precious assets - namely, your intellectual property - is not stolen through cyberattacks, forced technology transfers, or state-sponsored industrial espionage," Ross said, according to his prepared remarks.


About the Author

Jeremy Kirk

Jeremy Kirk

Managing Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.