Huawei the truth and the myth.

Huawei the truth and the myth.

Huawei the truth and the myth.

By Philip Ingram MBE

*** Edited 14th July 2020 to add in a paragraph about why the UK Government has made a decision to ban Huawei equipment from the UKs 5G Network***

We are hearing one name, causing news presenters angst when it comes to pronouncing it, in the press at the moment, it is that of the Chinese telecom giant Huawei. So why are government ministers interested in Huawei? Why are the 5 Eyes community talking about it so much? What is the truth and what is the hype? Finally is there anything else we should be worried about? Philip Ingram MBE, a former Senior British Intelligence officer who has worked with signal intelligence organisations, takes a look.

Techadvisor.co.uk said “You can’t ignore Huawei any more. With increasingly premium smartphones on the market,” the Chinese company is challenging Samsung, LG, Sony and Apple who according to analysis by consulting firm Counterpoint Research, it outsells globally.

Given this great accolade then why are the US Government putting certain Chinese companies under increasing scrutiny and even more. In February, FBI Director Chris Wray told the Senate Intelligence Committee that the FBI was “deeply concerned” about the risks posed by the Chinese phone and telecommunications equipment providers Huawei and ZTE. Both Huawei and ZTE have repeatedly insisted that their consumer devices don’t pose a security threat to the US or anywhere else across the globe. (ZTE like Huawei provide telecom infrastructure devices). The Australian Government has decided, reportedly on national security grounds, to exclude Huawei from involvement in their National Broadband Network.

Nothing New
In a report to the UK parliamentary Intelligence and Security Committee, the Security Service (MI5) said in 2008 that, theoretically, the Chinese State may be able to exploit any vulnerabilities in Huawei’s equipment in order to gain some access to the BT network, which would provide them with an attractive espionage opportunity. So the issue in the press today is nothing new!

Looking at the UK market, Huawei makes everything from the routers and switches that steer traffic across the internet, to BT’s green street cabinets, to the transmission equipment used in mobile phone masts. If you send an email from your home computer or make a mobile phone call, wherever you are in the UK, the chances are your private communications and data will be carried over Huawei equipment. However, it is not the private communications that concerns are being raised about. It is the linking of our national infrastructure across the 5G network.  5G is a step change in the ability to transmit high speed data and will enable our already connected life style to reach levels probably unimagined as yet.

On the back of that report, BT who control the communications infrastructure across the county, started a programme to strip Huawei equipment out of the current 3G and 4G networks and have not planned to put Huawei devices into the core of developing 5G Networks. However, Huawei hit back and opened the Huawei Cyber Security Evaluation Centre (HCSEC) (known as “The Cell”) in 2010 just outside Oxford and put it under the oversight of what was then called the CESG and is now NCSC, the public facing part of the UK’s GCHQ.

This is why in recent statements senior personnel from GCHQ have been able to say they had “a unique oversight and understanding of Huawei engineering and cyber security”. One of the major issues over Huawei engineering is around so called ‘back doors’ being engineered into the hardware on the orders of the Chinese Government, so that the Chinese had a secret method of taking control of the hardware when they wanted to.

This fear was enhanced when China introduced its new National Intelligence Law and in particular Article 7 of that law which states, “any organisation or citizen shall support, assist, and cooperate with state intelligence work according to law.” Then Article 14 says, ‘state intelligence work organs, when legally carrying forth intelligence work, may demand that concerned organs, organisations, or citizens provide needed support, assistance, and cooperation.” This just reinforces that the Chinese state can overrule Huawei’s claimed independence. Huawei continue to insist that the law is being mis-interpreted.

Back doors
This idea of back doors is nothing new and ‘The Cell’ has found no evidence of back doors being deliberately put in Huawei hardware and they have denied they would ever do so, even if there was pressure from the Chinese Government. One area that possibly leaves hardware vulnerabilities however, is in their basic engineering.

Dr Ian Levy, technical director of the National Cyber Security Centre (NCSC), said on BBC Panorama, “The security in Huawei is like nothing else – it’s engineering like it’s back in the year 2000 – it’s very, very shoddy and leads to cyber security issues that we then have to manage long term.” But what does shoddy engineering mean?

As electronics are developed rapidly and for the mass market therefore as cheaply as possible, development is happening continuously. That development is in the hardware – the physical bits connected together and the software. What many don’t realise is those bits are made of bits and individual chips with a role in a device have their own software giving instructions. Developers have ‘development backdoors’ on chips and component so that updates can be quickly coded or integrated and the sides are supposed to be closed down before the production version is manufactured. Frequently this doesn’t happen as it is another process and therefore cost and development is ongoing often even after manufacture has started, so chips are put into production devices with engineering flaws.

The second area is that security is not designed in at chip level. There isn’t enough coding room for this to happen. However, Huawei is not the only international giant with reported security flaws.

Not just Huawei

Last year there were several reports on the blogging site Reddit saying that some Samsung Galaxy S9 and Note 8 phones were sending users’ pictures to their contacts without their permission and linked the issue to the Samsung Messages app.

Then we had Google confirming that it allows some external software developers to read and analyse the inboxes of Gmail users. “External apps can integrate with Gmail, so customers have options around how they use their email,” director of security at Google Cloud Suzanne Frey said in a blog post.

So who is listening to your conversations?
On the 3rd of July 2018 in the UK Parliament, the UK Defence Secretary, Gavin Williamson was updating MPs on Syria was rudely interrupted, not by another MP, but by his iPhone’s AI App Siri which boomed out “Hi Gavin, I found something on the web for: ‘In Syria, democratic forces supported by coalition…”

Trying to make light of the interruption Mr Williamson said, “It is very rare that you’re heckled by your own mobile phone.” Very quickly afterwards sources close to the minister denied that having the voice recognition software switched on posed a security risk, saying he did not carry that phone during confidential and sensitive meetings.

However, what wasn’t said is if he has sensitive conversations on that phone or with people when the phone is in his pocket. It is always listening.

In 2015 Samsung again warned its customers about discussing personal information in front of their smart television set. The warning applied to TV viewers who control their Samsung Smart TV using its voice activation feature. Samsung said, “when the feature is active, such TV sets ‘listen’ to what is said and may share what they hear with Samsung or third parties.”

Many of these companies use Chinese made chipsets in their technologies.

Papers leaked from America’s National Security Agency (NSA) by Edward Snowden through Wikileaks, revealed that it had hacked into Huawei’s headquarters, obtaining technical information and monitored the communications of its top executives. One of the reported aims was to try and uncover vulnerabilities or back doors in the products to use them for US surveillance operations.

The US Hacks Huawei

This could be why the US director of national intelligence and heads of CIA, FBI, NSA gave public warnings, but it is likely they know more about Huawei than they would be willing to say publicly. There is a distinct possibility that they found vulnerabilities not just in the software run on the phones, but the firmware (the code that makes components talk to each other) and even in some cases the hardware, the components themselves.

The Chinese Government’s cyber capability is provided by the Strategic Support Force (SSF) and is the military organisation tasked with gaining a strategic advantage in the information and cyber domain via its Network Systems Department. Given Chinese government control over most of its industry and that has been clear reporting for many years that the Chinese government forces its domestic electronic equipment providers to hand over their source code, this will be used by the SSF to exploit vulnerabilities in devices globally. Linking this to the new law reinforces the suspicions with regard to Huawei.

More back doors.
However, when it comes to ‘backdoors,’ it is not the Chinese who have been found out recently. In 2018 five undocumented back doors were found in CISCO routers and detailed in a book entitled No Place to Hide,” by Glenn Greenwald, the journalist who originally broke the Edward Snowden story. Greenwald states that unbeknown to CISCO the NSA intercepts routers and network devices bound for overseas customers and “then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users.”

There is merit to being wary of any one nation having potential access no matter how small it is to critical communications networks by what ever means. However, what is clear is that every nation is at the espionage game and if Huawei routers are being used then possibly another manufacturers tampered with routers are not being used, blinding that intelligence agency.

They are just doing their job.
It is the remit of national intelligence agencies to gain an advantage and they will do so by what ever means. The whole intelligence game revolves around data. Data is key to everything so it can be analysed, cross referenced, processed, assessed and turned into intelligence. The Russians targeting priorities are to gain political advantage and steal military secrets the Chinese focus is primarily on intellectual property; President Trump has stated the US priority, “America First.”

Huawei deny any Chinese state control or vulnerabilities and set up an organisation staffed by UK security cleared personnel to test the equipment they attach into the critical national infrastructure (CNI) and that organisation is called “The Cell.”

Jerry Wang, CEO of Huawei in the UK, wrote to The Times: “Their accusations are a smokescreen for an attack on our recognised technological innovation. They are not based on security concerns, but a barely concealed protectionist trade agenda.”

 

** New**

New UK Ban

On 14th July 2020 the UK announced a decision to ban Huawei from the UK 5G network and this has been called a U Turn. It isn’t – it is a change in the situation.  The US Commerce Department amended an export rule to block shipments of semiconductors to Huawei to “strategically target Huawei’s acquisition of semiconductors that are the direct product of certain US software and technology.”

This rule stops any manufacturer that uses US software and technology from supplying Huawei without a US license (which will never be granted), cutting off many of Huawei’s trusted suppliers. This will cause Huawei to turn to potentially untrusted Chinese component suppliers increasing the potential vulnerabilities of Huawei systems.

The UK Governments decision is siting security correctly, but it is because of a changed security situation caused purely by US trade sanctions. The Huawei issue is nothing more than a move in a US/China trade dispute but enhanced by China’s move to ignore its treaty with the UK on Hong Kong and a message on its wider Human rights stance.

How can I assess this? On 09 July 2020 the UK Parliaments Science and Technology Committee interrogated Huawei about the risk. Huawei said they didn’t know where they were going to get the components to replace those affected by US sanctions from, but asked for a few more weeks to clarify that.  They haven’t been given that time, so in reality we don’t know if there would be an increased risk or not. We have just spent £2Bn on a decision that didn’t need to be made just yet!

**New paras end**

We have several elements to the current debate, espionage, a distinct probability but all sides do it. Trade, and security is an easy cry to scare the markets into protectionist trade policies. Manufacturing standards, whether one manufacturer should have a monopoly on critical elements of a network and with 5G the way we structure our future Satan enabled world.

One thing to remember about anything you process electronically on a device that is connected to any network, WIFI, mobile provider, is that that data may not be as safe and personal as you think. It is your choice as to what tech you buy but whatever your choice is, think security, think risk, think compromise.

 

If you would like any further comment from Philip, please contact him by clicking HERE

Who are the New IRA?

Who are the New IRA?

The New IRA is believed to have been responsible for a number of attacks in Derry in recent years, including an attempt to kill a police officer by planting a bomb under his car outside his home in 2017. It claimed responsibility for firing shots and throwing grenades at police during nights of disturbances in Derry last summer.

In January 2019 a car bomb exploded outside Derry City Court House, luckily injuring no one and causing little damage.  Two men in their twenties were detained hours after the explosion and two other men aged 34 and 42 were arrested in the city the next day. We have people in their nappies when the Good Friday agreement was signed at the front of this new terror wave.

In March 2019 five parcel bombs were sent from the Irish Republic to addresses in Great Britain, four were delivered, only one partially initiating when it was opened, and one was returned to a sorting office in the Republic of Ireland where it was discovered and dealt with.  The New IRA were blamed. 

Now, at the height of the Christian Calendar, the PSNI are blaming the New IRA for the death of Lyra McKee, a journalist covering nights of disturbance on the Creggan Estate in Derry, similar to what had happened last year.  Two teenagers were arrested for the shooting, at 18 and 19 they weren’t born when the Good Friday Agreement was signed 21 years ago. Somehow in those intervening years they were groomed into thinking republican terror was the way forward. That is clearly a rot at the centre of elements of the community and that rot killed Lyra McKee. 

Formed in 2012 following a merger between groups including the Real IRA and Republican Action Against Drugs (RAAD), which was predominantly active in the northwest of Northern Ireland, it has been responsible for the murders of two prison officers.

David Black (52) was shot dead as he drove to work in Co Armagh in 2012, while Adrian Ismay died 11 days after a bomb exploded under his van in Belfast in 2016.

The Real IRA, emerged toward the end of 1997 and were blamed forthe 1998 Omagh bomb, which claimed the lives of 29 people and unborn twins, the worst atrocity of the Troubles.

It was also claimed that the Real IRA were responsible for the deaths of two British soldiers in 2009 outside the Massereene Barracks in Antrim and has been linked to other gun attacks, bombings and other criminality across the UK and Ireland.

In 2014 Forbes Israel carried out a study into the wealth of terror organisations across the globe. Most dissident republican groups, such as the Continuity IRA and all of the loyalist terror groups failed to make the Forbes list.

Forbes Israel top 10 of terror:

1 Isis £1.3bn

2 Hamas £638m

3 Revolutionary Armed Forces of Colombia (Farc) £383m

4 Hezbollah £319m

5 Taliban £255m

6 Al-Qaeda and affiliates £96m

7 Lashkar e-Taiba £64m

8 Al-Shabaab £45m

9 Real IRA £32m

10 Boko Haram £16m

However, significantly the Real IRA came in at number 9 sandwiched between Al-Shabaab and Boko Haram with a £32 million annual turnover.   This money comes from extortion, smuggling, drug running, robbery and other organised criminal activities.  The link between serious and organised crime and terror couldn’t be clearer. 

The New IRA have no cause, they have no political agenda, they are fed by the politics of ‘nay’ espoused by all of the main political parties in Northern Ireland. They are a serious and organised criminal; organisation who, for kicks, use terror tactics to maintain a presence in society. They are no more than little bullies with guns and bombs extorting the future of the children of Northern Ireland. It’s time to stop. 

2019 a year of Security Uncertainty

2019 a year of Security Uncertainty

2019 a year of Security Uncertainty

By Philip Ingram MBE

If the security challenges for 2018 weren’t challenging enough what will 2019 bring? Last year we saw the first use of the deadly Novichok nerve agent anywhere in the world, making a household name of a substance only very few had heard of before. Then we have the growth of terror that Andrew Parker the Head of MI5 described as working at unprecedented levels and the CT Police highlighting that the number of active investigations going on at once had grown from 500 to over 700. We also see security challenges caused by Gatwick airport being shut for 36 hours over a peak holiday getaway period because of a drone or drones in its airspace.

So, what does 2019 hold for the Security community in the UK? More of the same or are we likely to see anything new?

The biggest challenge that is occupying many people’s minds is that of BREXIT and the implications that will have on wider security architecture.  Peter Franciscus Van-Osselaer, Head of Operations, European Counter Terrorism Centre, EUROPOL told Philip Ingram MBE that, “even in the event of a ‘no deal BREXIT,’ the UK had in place bilateral and other agreements to ensure security working arrangements would remain as close to as they are today with the UK in the EU. No one, not on the UK side or the EU side wanted to lose the working relationship that was in place today.”

Putting BREXIT to one side, the Cyber threat is all pervading through society, continually morphing and finding new ways to threaten networks, businesses and personally identifiable data. The biggest threat we are likely to see in 2019 is through Artificial Intelligence or AI. This will be three-fold, the first, the threat to AI enabled business practices, the second, the criminal use of AI to break into networks and the third is the use of AI to protect networks.

Tied into this growing risk area is the growth of the ‘attack surface’ through the proliferation of Internet of Things (IoT) devices, the always connected and everything connected society we seem to be growing into and this will become worse with the roll out of the 5G data network that is up to 1000 times faster than the current 4G networks.

The traditional ransomware and data theft attacks will continue but we will see a rise in manipulation attacks, manipulating data to create undue influence and potentially reputational damage.

Threats will range from the home based ‘geek’ through to state sponsored like we saw with Wannacry and notPetya and are seeing with increasing wariness for governments to allow tech giants with potential Chinese government influence such as Huawei and ZTE from increasing their access to faster networks such as 5G.  The clear message from these attacks are the threat state actors can have on not just enterprise businesses but also SME.  However, it is important to balance this ‘wariness’ out as nothing has been proved against the Chinese firms despite intensive testing whereas CISCO had 7 back doors discovered in their equipment’s in 2018, some of which were blamed on the NSA. Security vulnerabilities are as much an economic tool as they are spying tool.

The focus on alleged illicit state activity in the use of manipulated and targeted data in various elections around the globe is being investigated, 2019 will likely be the year of the consequences of those investigations becoming public.  However, what this is likely to do, is emphasise the potential of information being used as a weapon designed to cause an effect and in industry that effect could be reputational.  Public Relations will probably move a little more towards the centre of risk mitigation activities.

The closure of Gatwick Airport outside London for 36 hours before Christmas brought the drone threat firmly back onto the agenda.  The UK Civil Aviation Authority Drone Risk Assessment of January 2018 makes no mention of the use of drones to deliberately disrupt a working airfield and the lack of equipment to deal with the threat shocked a large number of people.  One airline working out of Gatwick say the incident cost then £15 Million but the full cost of the incident hasn’t been calculated yet.

A scare at London Heathrow Airport in January was dealt with in less than an hour with only one runway closed, but highlighted the very real threats that drones provide to the safe operation of airports and a after several incidents in the Middle East, the Emirates Authority for Standardisation and Metrology (ESMA) estimated the cost of closure at $100,000 per minute, meaning drone detection technologies would very quickly fall into the cost effective bracket!

Thank goodness our news headlines are not filled with stories of continuing successful terror attacks as seemed to happen in 2017.  However, the threat hasn’t gone away and in the words of Andrew Parker the head of the UK Security Service MI5, the threat has reached “unprecedented levels.”  This is reflected in the growth of active investigations from 500 in 2018 to 700 towards the end of the year and into 2019 with 3000 active suspects and another 20,000 on a terror watch list.

With the squeeze to near elimination of the ground so called ISIS held in Syria and Iraq it would be easy to assume the terror threat was waning. Not the case says Vasco Amador of the cyber Intelligence Company Global Intelligence Insight, who track extremists online.  “In recent months was have seen a relaunch of so-called ISIS cyber capability that used to be called the ‘United Cyber Caliphate’ and has been rebranded as the ‘Caliphate Cyber Shield’ with new leadership and new energy.  The groups they operate online have thousands of active followers across the globe,” he said.

The final security threat we must watch out for in 2019 falls into the unknown bracket. Who would have thought a deadly military grade nerve agent would have been used on the streets of England by another state. We don’t know what the next novel threat will be.  However, putting all security threats to one side – we can confidently predict that more people will be killed and injured by man-made and natural disasters, than will suffer similar consequences from any security incident. 2019 will certainly be an interesting year.

 

Click HERE to continue to the International Security Expos’ HQ Magazine for more great insights and content.