“Perhaps, the most puzzling part of the [Belgian Intelligence Services] report is what it does not mention. Although most countries are extremely concerned about China investments in their Telecom infrastructure, the Belgian report is silent on this issue. Why, on earth, why?”
Intel Today (November 30 2018)
“The UK needs to take decision on the extent to which we are going to be comfortable with Chinese ownership of these technologies.”
MI6 chief Alex Younger (December 3 2018)
“Given the massive cybersecurity and national security risks, the only responsible decision is for Berlin to follow the Australian, New Zealand, and U.S. lead and ban Chinese providers from the German 5G network. In doing so, Europe’s strongest economy would send a crucial signal to the rest of the European Union members that are grappling with the same decision.”
Thorsten Benner — Director of the Global Public Policy Institute in Berlin (December 9 2018)
“Huawei shares with the Chinese state intimate and extensive knowledge of the foreign telecommunications systems it is involved with.”
General Michael Hayden — Former head of the U.S. National Security Agency
“If China would resort to putting Canadians to death to defend its corporate national champion, what might it do if the Chinese Communist Party had unfettered access to Canada’s vital communications networks?”
Richard Fadden — Head of the Canadian Security Intelligence Service spy agency from 2009 to 2013 (January 20 2019)
December 5 2018 — The United States, Australia and New Zealand have already blocked Huawei from building their new 5G networks on security grounds. On December 5, Britain’s BT Group said it would rip Huawei equipment from its core telecom network. Canada is also likely to ban Huawei and it is reported that Japan is expected to ban government use of products made by Huawei and ZTE over cybersecurity concerns.
So, why on earth has Europe been silent on this critical issue for so long? What are they waiting for? I am afraid that it will all depend on Germany’s decision.
On March 26 2019, the European Commission has recommended a set of operational steps and measures to ensure a high level of cybersecurity of 5G networks across the EU.
The Commission does not call for a European ban on global market leader Huawei, leaving it to EU countries to decide on national security grounds. Follow us on Twitter: @INTEL_TODAY
UPDATE (May 26 2020) — On Friday (May 22 2020), the U.S. Commerce Department announced that foreign manufacturers using U.S. chipmaking gear are required to get a license before being allowed to sell semiconductors to Huawei.
The consequences are enormous. Huawei is now fighting for survival.
“Survival is the key for us now,” said Guo Ping, rotating chairman at Huawei’s annual analyst conference on Monday.
“We will now work hard to figure out how to survive.”
In the UK, the National Cyber Security Centre has already concluded that the new US sanctions against Huawei will make it impossible to use the Chinese company’s technology as planned for 5G networks.
According to RUMINT, Downing Street will soon impose the total elimination of Huawei equipment in British phone networks by 2023.
European Telecom companies that had decided, despite the security risks, to build their 5G networks with Huawei equipment (because it was cheaper) are now going to regret that idiotic decision very bitterly.
These companies need to find a “Plan B” as well as hundreds of millions more to finance their 5G networks.
European telecom equipment makers — Ericsson of Sweden and Nokia of Finland — could be the big winners of this new development.
PS — In Brussels, Proximus — the main Belgian Telecom Operator owned primarily by the State (53%) — had planned to go ‘Full Huawei’ for their 5G network despite negative recommendations from the Intelligence Agencies.
RELATED POST: My Time to Fight — Going Full Che Against 5G
I recently wrote that the Belgian Government should sell all its shares of Proximus before these are worth no more than toilet paper. The clock is ticking… And by the way, shares of Proximus are already down 30% since I offered my opinion.
END of UPDATE
December 5 2018 — Huawei rejects any suggestion that the Chinese telecom giant might pose a threat to national security.
“Cyber security should not be politicized, and equipment vendors should not be treated differently based on country of origin.”
“We categorically reject we are a threat to national security,” a spokesperson for Huawei said.
“Can anyone in the U.S., in Canada, in Belgium or anywhere else show us any proof [of backdoors]?”
Not everybody is fully convinced yet… To trust, or not to trust, Huawei is a major issue regarding the cyber security of Western countries.
As Australia’s intelligence chief has pointed out: “5G is not just fast data, it is also high-density connection of devices—human to human, human to machine and machine to machine.” 5G will carry communications we “rely on every day, from our health systems … to self-driving cars and through to the operation of our power and water supply.”
5G will be the backbone of our industries and societies. “Critical infrastructure” hardly gets more critical. And the security risks are accordingly high. Wherever Chinese technology companies supply 5G infrastructure, they will have access to huge volumes of sensitive data and industrial secrets—and there’s reason to think they would eventually be forced to spy on behalf of Beijing.
The Chinese government could also use these companies to disrupt other countries’ infrastructure in a future conflict. (FP)
And yet, this important issue has received very little attention in Europe so far. The reasons are simple. Huawei has done a very good job at lobbying key politicians. And, as a rule, network operators are among Huawei’s top cheerleaders.
On December 3 2018 (Monday), MI6 chief, Alex Younger expressed concerns over Chinese technology companies being involved in the UK’s communications infrastructure.
On December 1st 2018, Meng Wanzhou, the CFO of Huawei and the daughter of Huawei founder Ren Zhengfei, has been arrested in Vancouver, Canada. Her arrest was not revealed by the Canadian authorities until Wednesday (December 5 2018).
On Wednesday (Dec. 5 2018), BT Group announced that will remove Huawei Technologies’ equipment from its core 4G network within two years and has also excluded Huawei from bidding for contracts to supply equipment for use in its core 5G network.
On Friday (December 7 2018), two Belgian Newspapers (L’Echo and De Tijd ) revealed that the Belgium Centre for Cybersecurity [CCB] is considering the possibility of banning Huawei from Belgium.
The CCB has requested, through both national and international channels, objective studies showing that the use of Huawei technology carries risks, before being able to send out detailed advice.
Also on Friday, Japanese media reported that Japan is expected to ban government use of products made by Huawei and ZTE over cybersecurity concerns.
Huawei accounted for 28 percent of the mobile infrastructure market last year, according to IHS Markit, with Ericsson at 27 percent and Nokia on 23 percent. Fourth-placed Chinese ZTE Corp, with 13 percent, is subject to similar pressures and poorly placed to pick up the slack. The chief technology officer at Canada’s Telus has estimated that Huawei’s low-cost products have reduced global equipment prices by at least 15 percent.
Clearly, a ban of Huawei will benefits Nokia and Ericsson. On Friday (Dec. 7 2018), the shares of these company went up by 5 percent.
Who will disagree with Thorsten Benner — Director of the Global Public Policy Institute in Berlin — when he writes:
The conclusion for Germany should be clear. If the British GCHQ, which is technically far superior to the German BSI (Federal Office for Information Security ), cannot issue a clean bill of health for Huawei, we don’t have to wait for the BSI’s own efforts.
In the future, the testing centers will be in an even worse position. Checking for possible hardware backdoors will only be a small part of the job. Virtualization (and related software) will play a central role for 5G. And with weekly software updates, infrastructure operators will have a front door to compromise systems. No testing center would be able to check weekly software updates in advance.
For good reasons, the German intelligence services, unlike the BSI, take a far more critical view of the Huawei risk. They share the Australian intelligence community’s negative assessment, which, according to anonymously sourced reports in November, is based on at least one case of Chinese intelligence agents using Huawei employees to obtain access codes for a foreign network.
Chinese National Intelligence Law of 2017 stipulates that “all organizations and citizens shall, in accordance with the law, support, cooperate with, and collaborate in national intelligence work, and guard the secrecy of national intelligence work they are aware of.”
On Friday (Dec. 7 2018), European Commission Vice President Andrus Ansip said that Europe should be worried about Chinese telecom vendors like Huawei due to growing concerns about cybersecurity risks.
“I think we have to be worried about these companies. They have to cooperate with their intelligence services.
This is about mandatory backdoors. I was always against having those mandatory backdoors. It is about chips they can put somewhere to get our secrets.
We don’t know exactly what the reason was to arrest somebody (Huawei Chief Financial Officer Sabrina Meng) in Canada.
It’s not a good sign when companies have to open their systems for some kind of secret services. As normal ordinary people, of course we have to be afraid.”
According to Bloomberg, Germany’s coalition government has concerns about letting Huawei supply 5G equipment. Officials are looking at potential changes to rules or standards that would affect Huawei, but it is controversial within government.
In France, government departments are rethinking the country’s relationship with Huawei. Earlier this year Digital Affairs Minister Mounir Mahjoubi said phone carriers should work with European equipment-makers.
UPDATE (December 16 2018) — Germany’s IT watchdog has expressed scepticism about calls for a boycott of Chinese telecoms giant Huawei, saying it has seen no evidence the firm could use its equipment to spy for Beijing, news weekly Spiegel reported Friday (December 14 2018).
“For such serious decisions like a ban, you need proof,” the head of Germany’s Federal Office for Information Security (BSI), Arne Schoenbohm, told Spiegel, adding that his agency had no such evidence.
Schoenbohm said BSI experts had examined Huawei products and components from around the world.
They had also visited Huawei’s newly opened lab in Bonn, where German clients can inspect the firm’s cyber security measures and the software behind its products.
But some observers raised eyebrows at the BSI’s apparent dismissal of cyber security risks concerning Huawei.
“I believe it’s wrong to suggest that the concerns about Chinese espionage are unfounded and easy to detect,” telecom security expert Ronja Kniep told AFP.
“Even if Huawei has no official relationship with the Chinese government, that doesn’t mean Chinese services aren’t using the company and its technology as vehicles for espionage.”
All three of Germany’s main mobile network operators use infrastructure provided by Huawei, Spiegel pointed out.
So, How do you make sense of this madness?
Although his predecessors were physicists, mathematicians and cryptologists, Schoenbohm is the first economist in this office.
According to IT expert Sandro Gaycken, “his technical expertise is close to zero.”
UPDATE (December 19 2018) — On Friday (December 14 2018), France’s wireless carrier Orange announced that it would not hire the Chinese telecom giant to build its 5G network.
Orange CEO Stéphane Richard told reporters in Paris that the security concerns about Huawei are legitimate.
“I absolutely understand that all our countries and the French authorities are preoccupied [with Huawei]. We are too,” he said.
On Monday (December 17 2018), the Czech cyber watchdog warned network operators against using products made by Chinese telecom equipment suppliers Huawei and ZTE.
“China’s laws … require private companies residing in China to cooperate with intelligence services, therefore introducing them into the key state systems might present a threat,” Dusan Navratil, director of the Czech National Cyber and Information Security Agency (NCISA), said in a statement.
Germany’s Deutsche Telekom – Europe’s largest telecommunication company – said it is reviewing its relationship with Huawei.
Deutsche told Reuters in a statement: “Deutsche Telekom takes the global discussion about the security network equipment from Chinese vendors very seriously.”
UPDATE (January 11 2018) — Poland has arrested a Chinese employee of Huawei and a Polish national involved in cyber-business on allegations of espionage.
Poland security services have searched the local offices of Huawei, as well as those of the telecoms company Orange Polska.
The Polish national is a former agent of the internal security agency.
“Polish security agents searched the Warsaw offices of Huawei and Orange, Poland’s leading communications provider, where the former Polish security expert recently worked, seizing documents and electronic data,” the AP wrote.
“The homes of both men, also in Warsaw, were also searched, according to [Internal Security Agency] spokesman Stanislaw Zaryn.”
Both people “carried out espionage activities against Poland,” a Polish government official told the AP.
Reports identified the Huawei employee as Weijing Wang and the Polish man as Piotr D. Each person could face up to 10 years in prison if convicted, the AP wrote.
Wang reportedly worked at a Chinese consulate in Gdansk from 2006 to 2011, and he’s been at Huawei since then.
UPDATE (January 14 2018) — Norway is considering whether to join other western nations in excluding China’s Huawei Technologies from building part of the Nordic country’s new 5G telecommunications infrastructure.
“We share the same concerns as the United States and Britain and that is espionage on private and state actors in Norway,” Justice Minister Tor Mikkel Wara told Reuters.
“This question is high priority … we want to have this in place before we build the next round of the telecom network.”
“Yes, we are considering the steps taken in other countries, that is part of it – the steps taken in the United States and Britain.”
UPDATE (January 18 2019) — Poland’s internal affairs minister, Joachim Brudzinski, believes that the European Union and NATO should agree on joint position towards Huawei.
“There are concerns about Huawei within NATO as well. It would make most sense to have a joint stance, among EU member states and NATO members,” he said.
“We want relations with China that are good, intensive and attractive for both sides.”
Until now, many European politicians have dismissed the idea that Huawei engages in espionage on behalf of China.
The spectacular arrest of a senior Huawei official in Poland involved in old-fashioned espionage – not just cyber-theft – in tandem with a former Polish senior intelligence officer shows — beyond a shadow of a doubt — that the allegation is well founded.
UPDATE (January 20 2019) — Richard Fadden — the head of the Canadian Security Intelligence Service spy agency from 2009 to 2013 — wrote today that Canada should ban China’s Huawei from supplying equipment to the country 5G networks.
“Canada’s government should ignore the threats and ban Huawei from Canada’s 5G networks to protect the security of Canadians,” he wrote in the Globe and Mail.
“If China would resort to putting Canadians to death to defend its corporate national champion, what might it do if the Chinese Communist Party had unfettered access to Canada’s vital communications networks?”
Chancellor Angela Merkel’s administration is now actively considering stricter security requirements — and other ways — to exclude Huawei from Germany 5G network.
In the Netherlands, the General Intelligence and Security Service has issued a warning against Chinese espionage, spurring a government probe into the telecom sector’s dependence on foreign technology.
UPDATE (January 28 2019) — Today, The U.S. Justice Department has unsealed two indictments on Monday against China’s Huawei Technologies Co Ltd, several of its subsidiaries and its chief financial officer Meng Wanzhou, in a pair of cases accusing the company of everything from bank and wire fraud to obstructing justice and conspiring to steal trade secrets from T-Mobile US Inc.
The White House is preparing an executive order to declare a national emergency that would bar U.S. companies from using telecommunications equipment made by China’s Huawei and ZTE. That order could come as early as next month.
U.S. Congress is also considering anti-Huawei bills. A bipartisan group of U.S. lawmakers introduced bills in January that would ban the sale of U.S. chips or other components to Huawei, ZTE Corp or other Chinese telecommunications companies that violate U.S. sanctions or export control laws. (Note: Huawei doesn’t manufacture its own chips.)
Today, French European Affairs Minister Nathalie Loiseau spoke about the security issues related to Huawei. “Europe must act as one on Huawei,” she said.
Last week, French foreign minister Jean-Yves Le Drian declared that France is aware of the risks of China’s Huawei Technologies access to next-generation mobile networks and will take measures when the time comes.
European telecommunications companies are increasingly nervous about a very plausible ban on Huawei equipment. Experts believe that such ban would delay the arrival of the 5G networks by two years.
European telecoms companies like Huawei because it equipment is good, and most importantly much cheaper than its competitors. Of course, some wonder why?
Huawei’s competitors are mostly Ericsson AB, Nokia Oyj, Cisco Systems Inc. and Samsung Electronics Co.
UPDATE (February 7 2019) — According to La Stampa newspaper, Italy will ban China’s Huawei Technologies and ZTE Corp from playing a role in the roll out of the country’s 5G infrastructure.
In order to do so the Italian government is ready to use so-called golden powers that allow it to pull out of contracts already signed without having to pay penalties, the paper said, citing the senior sources.
La Stampa newspaper cited sources as saying “strong pressure” had come from the United States.
UPDATE (March 12 2019) — The US has told Germany it would curb intelligence sharing with Berlin if it allows Huawei to participate in its 5G mobile network.
The warning came in a recent letter from the US ambassador to Germany seen by the Wall Street Journal.
In the letter to Germany’s economics minister dated last Friday, US ambassador Richard Grenell said secure communications systems are essential for defence and intelligence co-operation, and that firms like Huawei could compromise this. [BBC]
In his letter, ambassador Grenell recommends that Berlin should consider rival bids by companies belonging to American allies, such as the Swedish telecommunications equipment manufacturer Ericsson, Finland’s Nokia Corporation, or the South Korean Samsung Corporation.
UPDATE (March 16 2019) — The German intelligence agency BND has stated that Huawei is not a trustworthy partner and should not be a part of the country’s 5G network deployment. The agency bases this on “security-relevant incidents” from the past.
BnetzA — the German regulatory body responsible for telecommunications — is expected to launch the auction for 5G bands on March 19, 2019.
420MHz total will be auctioned off from the 2GHz and 3.6GHz bands. However, uncertainty about who will provide the hardware may cause a delay in the auction.
RELATED POST: Germany — The BND Operational Structure 
At the end of January, Philippe De Backer — the Belgian Minister for Telecommunications — announced that the 5G auction will be delayed to 2020, and perhaps later. A clear and convincing explanation for this extraordinary delay was never provided.
Next week, the European Council is widely expected to recommend a joint position of all member countries on this issue. Stay tuned!
UPDATE (March 26 2019) — BRUSSELS – On Tuesday, the European Commission simply recommended that EU countries should share more data to tackle cybersecurity risks related to 5G networks.
The European Commission ignores U.S. calls to ban Huawei Technologies and merely suggests that EU Member States should conduct a risk analysis on 5G infrastructure in their countries by the end of June 2019 and exchange that information so as to develop a continent-wide risk analysis.
Belgium’s cybersecurity watchdog, the Centre for Cybersecurity Belgium (CCB), is currently analysing the security of infrastructure sold by the Chinese telecoms giant, which equips networks such as Proximus and Orange.
“So far there is no information to make us say there is a technical risk with Huawei products in Belgium,” CCB Deputy Director Phédra Clouner said.
Member States should complete their national risk assessments by 30 June 2019 and update necessary security measures. The national risk assessment should be transmitted to the Commission and European Agency for Cybersecurity by 15 July 2019.
In parallel, Member States and the Commission will start coordination work within the NIS Cooperation Group. ENISA will complete a 5G threat landscape that will support Member States in the delivery by 1 October 2019 of the EU-wide risk assessment.
By 31 December 2019, the NIS Cooperation Group should agree on mitigating measures to address the cybersecurity risks identified at national and EU levels.
Once the Cybersecurity Act, recently approved by the European Parliament, enters into force in the coming weeks, the Commission and ENISA will set up the EU-wide certification framework. Member States are encouraged to cooperate with the Commission and ENISA to prioritise a certification scheme covering 5G networks and equipment.
By 1 October 2020, Member States – in cooperation with the Commission – should assess the effects of the Recommendation in order to determine whether there is a need for further action. This assessment should take into account the outcome of the coordinated European risk assessment and of the effectiveness of the toolbox.
The national risk assessments and measures should consider various risk factors, such as technical risks and risks linked to the behaviour of suppliers or operators, including those from third countries.
“National risk assessments will be a central element towards building a coordinated EU risk assessment.”
EU Member States have the right to exclude companies from their markets for national security reasons, if they do not comply with the country’s standards and legal framework.
UPDATE (April 17 2019) — Belgium’s centre for cybersecurity has found no evidence that telecoms equipment supplied by Huawei Technology could be used for spying.
“Until now we have not found technical indications that point in the direction of a spying threat,” a spokesman for the agency said on Monday.
“We are not providing a final report on the matter, but are continuing to look into it.”
Is this a joke? No, it is not.
“A final report on the issue will not be produced,” CCB spokesperson Katrien Eggers said.
So what will happen now in “Belgistan”?
Prime Minister Charles Michel (MR-Reformed Movement) had previously stated, in answer to a parliamentary question on the Belgian position vis-à-vis Huawei, that he was waiting for the CCB analysis.
Considering that there will not be a final report, the ball is in the Prime Minister’s court. It is up to Michel to take position on the Chinese giant on the basis of the CCB evaluation.
The Prime Minister’s spokesperson did not respond to this question addressed by the Flemish newspaper.
According to well informed source, the Belgian CCB people are so incompetent that it is said that they could not find their ass with both hands, a map and a flashlight… I am afraid this is deadly serious.
UPDATE (May 17 2019) — Dutch intelligence and security service AIVD is investigating whether Chinese technology company Huawei has been involved in espionage in the Netherlands, due to concerns that the company has a hidden backdoor to customer data at one the Netherlands’ three largest telecom providers.
The national coordinator for counter terrorism and security NCTV is currently conducting a risk analysis for the use of foreign telecom technologies, the results of which are expected later this month.
Bart Jacobs — a professor of computer security at Radboud University, in Nijmegen — told De Volkskrant the discovery of a “back door” to customer data sounded “like a smoking gun with possible geopolitical consequences”.
The Volkskrant reports that a joint report by the AIVD and the Dutch military intelligence service, MIVD, has concluded that it would be “undesirable” for the Netherlands to be dependent on IT products and services from countries that have been determined to conduct “offensive cyber programmes against Dutch interests”.
UPDATE (October 30 2019) — On Tuesday (October 29 2019) Bruno Kahl — the president of the BND (Germany’s Federal Intelligence Service) — gave a public testimony in Berlin.
Taking questions from a panel of lawmakers overseeing German intelligence agencies, Kahl was asked about the risk level of Huawei’s presence in the expanded 5G network and its ties to the government in Beijing.
“The trust in a state company that has a very high level of dependence on the Communist Party and the country’s intelligence apparatus is not present.”
“The ability of authorities to determine whether equipment contained backdoor features that could be exploited by China is very limited if not to say hopeless.”
“Even if it were possible, a software update could immediately alter the network and open it to sabotage or espionage.”
Speaking at a technology conference in Dortmund, Merkel said that the Federal Network Agency will announce shortly how companies will have access to reserved 5G frequencies.
Ericsson debacle exposes costs of anti-Huawei push — Reuters (Dec 7 2018)
Germany Is Soft on Chinese Spying — FP (Dec 9 2018)
5G — Will European Countries Ban Huawei?
5G — Will European Countries Ban Huawei? [UPDATE : German IT watchdog Denies Espionage Risks]
5G — Will European Countries Ban Huawei? [UPDATE : Czech cyber watchdog Calls Huawei a Security Threat]
5G — Will European Countries Ban Huawei? [UPDATE : Poland arrests Huawei worker on allegations of spying for China]
5G — Will European Countries Ban Huawei? [UPDATE : Norway considering whether to exclude Huawei]
5G — Will European Countries Ban Huawei? [UPDATE : Poland calls for joint EU-NATO stance]
5G — Will European Countries Ban Huawei? [UPDATE — Canada Former Spy Chief : “Ignore the threats and ban Huawei”]
5G — Will European Countries Ban Huawei? [UPDATE — U.S. unseals indictments against Huawei]
5G — Will European Countries Ban Huawei? [UPDATE — Italy to ban Huawei from its 5G plans]
5G — Will European Countries Ban Huawei? [UPDATE — US Warns Berlin to Drop Huawei]
5G — Will European Countries Ban Huawei? [UPDATE — German Intelligence Agency : “Huawei Is Not Trustworthy”]
5G — Will European Countries Ban Huawei? [UPDATE — EU Drops Threat of Huawei Ban]
5G — Will European Countries Ban Huawei? [UPDATE — Belgian cybersecurity agency finds no threat from Huawei]
5G — Will European Countries Ban Huawei? [UPDATE — Netherlands : Intelligence service investigating Huawei espionage]
5G — Will European Countries Ban Huawei? [UPDATE — Germany Spy Chief: Huawei can not be trusted]
5G — Will European Countries Ban Huawei? [UPDATE –UK to fully ban Huawei from 5G Networks]