According to a report from The Economist, Chinese telecommunications giant Huawei is working with intelligence agencies in the UK to quell possible concerns of the government about usage of its hardware in infrastructure deployments. Experts and former employees of the Government Communications Headquarters (GCHQ) are working with a department established by the company to vet Huawei’s devices for backdoors and security holes. The vetted devices are often installed by British Telecom (BT), which is a major customer of the Chinese firm.
Huawei is seen with scepticism by many observers in Europe and the US. The Economist‘s report cites concern over the company’s ties to the People’s Liberation Army which has led intelligence officials to theorise that the Chinese government is using the company’s international networks to spy on governments and corporations from other countries.
They have also voiced concerns that in case of open war, the Chinese government might use its influence over Huawei to disable the company’s equipment built into infrastructure across the world. The European Commission is also considering investigating the company under suspicion that the Chinese government is subsidising it to allow Huawei to displace its competitors in European markets by artificially lowering the prices of its products.
Some of these concerns might be seeded by Huawei’s competitors, however. Companies such as Cisco, Ericsson, Nokia-Siemens and Alcatel-Lucent all have a vested interest in seeing their Chinese competitor under suspicion. There is also the aspect which The Economist calls the industry’s “dirty little secret”: almost all of these manufacturers actually produce their devices in China. The magazine suggests that being suspicious about Huawei alone “may make politicians feel good, but it is no guarantee of security”.
Huawei’s security is also under the microscope of security researchers; most recently an examination of consumer/soho routers revealed numerous vulnerabilities and bad security practices embedded into the devices. The security experts Felix “FX” Lindner and Gregor Kopf analysed firmware from the device and found over 10,000 unsafe calls to the sprintf function alone.