Posts Tagged ‘Chinese investment in Germany’

Germany Is Soft on Chinese Spying

December 10, 2018

Huawei has deep ties to the Chinese government. Berlin might let it build the country’s next generation of communications infrastructure anyway.

The logo of Chinese electronics company Huawei on Sept. 2, 2015 in Berlin. (John Macdougal/AFP/Getty Images)

The logo of Chinese electronics company Huawei on Sept. 2, 2015 in Berlin. (John Macdougal/AFP/Getty Images)

Last week, New Zealand decided to exclude the Chinese technology company Huawei from providing equipment to operate its 5G high-speed mobile network due to “significant national security risks.” The country follows Australia and the United States, which have also excluded Chinese companies from supplying 5G infrastructure.

In Germany, meanwhile, security has so far hardly played any role in the debate over the fifth generation of cellular technology. In the terms of reference published last week by the German Federal Network Agency for its 5G auction, security was not even included in the conditions for awarding the contract. In October, the government announced: “A concrete legal basis for the complete or partial exclusion of particular suppliers of 5G infrastructure in Germany does not exist and is not planned.”

That is dangerously misguided. As Australia’s intelligence chief has pointed out: “5G is not just fast data, it is also high-density connection of devices—human to human, human to machine and machine to machine.” 5G will carry communications we “rely on every day, from our health systems … to self-driving cars and through to the operation of our power and water supply.” 5G will be the backbone of our industries and societies. “Critical infrastructure” hardly gets more critical. And the security risks are accordingly high. Wherever Chinese technology companies supply 5G infrastructure, they will have access to huge volumes of sensitive data and industrial secrets—and there’s reason to think they would eventually be forced to spy on behalf of Beijing. The Chinese government could also use these companies to disrupt other countries’ infrastructure in a future conflict.

Given the massive cybersecurity and national security risks, the only responsible decision is for Berlin to follow the Australian, New Zealand, and U.S. lead and ban Chinese providers from the German 5G network. In doing so, Europe’s strongest economy would send a crucial signal to the rest of the European Union members that are grappling with the same decision.

Contrary to Huawei’s claims, the decisions by Australia, New Zealand, and the United States were not motivated by crude protectionism. In none of these three countries will domestic suppliers be the primary beneficiaries. The anomaly of the 5G market is that there is no leading U.S.-based supplier covering the full technological spectrum. The companies profiting from a ban on Huawei and ZTE are mainly two European companies: Nokia and Ericsson.

Still, those calling for banning Huawei face an uphill battle across Europe. Huawei has strong supporters (not least due to its very professional lobbying operation and deep ties within the political scene). It markets itself as a private company, which is organized as a cooperative and is in no way under the control of the Chinese state. Network operators such as Deutsche Telekom are among Huawei’s cheerleaders. Deutsche Telekom warns against excluding “high-performance suppliers” such as Huawei if the country wanted to build its 5G network quickly and at cost. Huawei already supplies much of the existing German 3G and 4G infrastructure.

For Deutsche Telekom and other network operators, the situation is clear: Huawei offers innovative and reliable products at highly competitive prices. Legally, Deutsche Telekom does not bear any liability for the security risks associated with Huawei technology. And the company does not care about the fact that Huawei’s price advantage is the result of a highly skewed playing field in China. In the world’s largest market, domestic providers control 75 percent of the market, giving them unbeatable economies of scale.

Remarkably, Huawei’s defenders also include the Federal Office for Information Security (BSI), Germany’s cybersecurity agency. Its president, Arne Schönbohm, believes the agency has the capabilities to check on whether suppliers meet security requirements, providing “technically substantiated statements of trust.” Huawei, for its part, describes itself as “the most audited company in the world.” The company offers to put its equipment through any inspection in testing centers jointly run with governments. Last month, they put one such center into operation in Bonn in cooperation with the BSI. Schönbohm was enthusiastic: “We welcome the opening of this laboratory, which enables a further and deeper technical exchange between Huawei and the BSI.”

His ebullience is misguided. The Bonn center follows the British model, where the Huawei Cyber Security Evaluation Centre has existed since 2010 controlled by the British intelligence service GCHQ, among others. Yet just this year, the British inspection report could give “only limited assurance” that Huawei products do not pose any risks to national security. This prompted the government to warn network operators that current rules could be changed and that certain suppliers (i.e., Huawei) could be excluded. Speaking about building Britain’s 5G network, just this week MI6 chief Alex Younger said the UK needs to take decision on “the extent to which we are going to be comfortable with Chinese ownership of these technologies.”

The final British decision is still pending, but the conclusion for Germany should be clear. If the British GCHQ, which is technically far superior to the German BSI, cannot issue a clean bill of health for Huawei, we don’t have to wait for the BSI’s own efforts. In the future, the testing centers will be in an even worse position. Checking for possible hardware backdoors will only be a small part of the job. Virtualization (and related software) will play a central role for 5G. And with weekly software updates, infrastructure operators will have a front door to compromise systems. No testing center would be able to check weekly software updates in advance.

For good reasons, the German intelligence services, unlike the BSI, take a far more critical view of the Huawei risk. They share the Australian intelligence community’s negative assessment, which, according to anonymously sourced reports in November, is based on at least one case of Chinese intelligence agents using Huawei employees to obtain access codes for a foreign network.

Source:https://foreignpolicy.com/2018/12/09/germany-is-soft-on-chinese-spying/

Related:

Advertisements

Germany Resists Pressure to Abandon Huawei

December 7, 2018

German officials were reportedly pushing earlier this year for their government to follow other countries’ lead and slap a ban on Chinese IT firm Huawei. But Berlin doesn’t seem inclined to bow to US pressure.

    
Logo von Huawei (Reuters/H. Hanschke)

Chinese multinational tech giant Huawei Technologies opened a new information security lab in the German city of Bonn last month. Some observers see the move as designed to butter up German regulators ahead of the country’s 5G mobile spectrum auction.

The German network regulator (BNetzA) is finalizing the terms for the 5G licensing round it plans to hold in the first quarter of 2019.

The total cost of building Germany’s 5G networks could be €80 billion ($91 billion) and this means high stakes for Huawei and its rivals Ericsson, Nokia, ZTE and Samsung.

Not too bothered

Germany doesn’t have its own indigenous telecoms hardware industry to speak of and maintains close trade and investment ties with Beijing.

The German interior ministry has said there is no legal basis to exclude foreign equipment providers from the country’s 5G system and no such measure is planned.

Read more: China’s Huawei finance chief arrested in Canada, faces extradition to US

There is no formal bilateral agreement on preventing commercial cyber espionage between Germany and China, but the number of known China-originated commercial cyber espionage attacks on German companies has dropped in the past two years, according to the Australian Strategic Policy Institute (ASPI).

This is corroborated by the Federal Office for the Protection of the Constitution (BfV), Germany’s domestic intelligence agency. The fall has been linked to an increase in Chinese foreign direct investment in high-tech and advanced manufacturing industries in 2016.

Former BfV head Hans-Georg Maassen has linked the decline to an increase in the use of legal tools for obtaining the same information, such as corporate takeovers.

“Industrial espionage is no longer necessary if one can simply take advantage of liberal economic regulations to buy companies and then disembowel them or cannibalize them to gain access to their know-how,” Maassen said.

But things may be changing. “The German public discourse around China has changed in the last year or so, not primarily rushed by the US,” cyber security specialist Raffaello Pantucci told DW. “The Germans have seen several cases where the Chinese have crossed a line.”

Read more: Exit the Dragon? Chinese investment in Germany

Pantucci believes the Chinese will now have difficulty winning the 2019 5G auction. “This puts the cat among the pigeons. No country can avoid this dilemma and I think it’s now very unlikely a Chinese firm will win.”

Huawei Australien (Imago/ZumaPress//Imago/M. Schwarz)Australia has cited national security risks with regard to Huawei

Issues in the UK, Australia and New Zealand

Britain’s BT Group said this week it will remove Huawei Technologies’ equipment from its core 4G network within two years and has also excluded Huawei from bidding for contracts to supply equipment for use in its core 5G network.

However, a ban remains unlikely in the UK, due to the advanced stage of Huawei’s involvement in 5G development in the country.

New Zealand has also rejected Huawei’s first 5G bid, citing national security risks while earlier this year, Australia banned Huawei from supplying 5G equipment for the same reason.

US pressure

The US is putting increased pressure on its political allies, including Germany, to exclude Huawei from their next-generation mobile networks. Washington has long said Huawei and ZTE, another Chinese hardware maker, are potential menaces to security and privacy.

US authorities have pointed to China’s national intelligence law, which they say could force Chinese companies to facilitate spying efforts in other countries. US authorities cited the issue when they blocked Broadcom’s hostile takeover of Qualcomm earlier this year.

In 2013, the US Commission on the Theft of American Intellectual Property estimated that the theft of Intellectual Property was $300 billion (€257 billion) annually, with 50 to 80 percent of the thefts attributed to China.

But why is it all such a big deal?

“Many states are concerned about using Chinese telecommunications and technology companies in critical infrastructure companies for a range of reasons,” Daniella Cave, a specialist on cyber security at ASPI, told DW.

Firstly, she says, the Chinese state has a history of aggressive and wide-ranging espionage and intellectual property theft.

Secondly, the national intelligence law they introduced in 2017 compels organizations and individuals to participate in intelligence activities and to keep secret the intelligence activities they are aware of.

Thirdly, there have been allegations that Chinese companies have been complicit, knowingly or unknowingly, in the theft of secrets and valuable government data, Cave says.

A double-edged sword

“I think the Chinese state’s introduction of the national intelligence law is going to place suspicion on the international activities of most of China’s large companies going forward,” Cave says.

“But it’s a double-edged sword for China, as the Chinese Communist Party has made it virtually impossible for Chinese companies to expand without attracting understandable and legitimate suspicion,” she adds.

Cave believes most developed states will be looking at ways in which they can move away from the use of Chinese products in their critical infrastructure.

“A lot of companies have already, and will continue, to look at ways in which they can minimize the risks to their supply chain by closely scrutinizing the hardware and software in their systems.”

https://www.dw.com/en/pressure-on-germany-as-uk-telecoms-company-shuns-huawei/a-46609010