Intelligence sharing with the US will be harmed if UK uses Huawei in 5G network, says former head of Homeland Security

Dominic Nicholls
A woman walks in front of the Huawei logo during during the 'Electronics Show at Ptak Warsaw Expo in Nadarzyn, Poland. May 10, 2019.  - REUTERS

If Britain allows Huawei to build Britain’s 5G network, the intelligence sharing relationship with the US will be harmed, the former US Secretary of Homeland Security has warned.

Governor Tom Ridge, who set up the US security department in the wake of the 9/11 terrorist attacks, said the western world is in a “digital war” with Beijing. 

He called on the incoming UK administration to review as a priority the decision to allow Chinese telecoms giant Huawei access to Britain's critical national infrastructure. 

Speaking in London of the risks to the close intelligence relationship between the UK and the US, he said: “It’s a complication. Much of the intelligence sharing is electronic and if you are relying on secure telecoms and they’ve got a front door, well I don’t know how many pigeons can fly across the Atlantic.

“It will affect intelligence sharing.”

Aerial view of data storage center for Huawei at the Guian New Area in Guiyang, Guizhou Province of China. The first phase of construction covers an area of 400,000 square meters, which will operate about 600,000 servers to store Huawei's management data from 170 countries. May 14, 2019. Credit: Visual China Group

Governor Ridge, a Vietnam veteran, said the opaque nature of the relationship between Huawei and the Chinese Ministry of State Security meant the UK would be offering China a “front door” into the telecoms system, with no need for “back door software bugs”. 

“Everyone’s excited by 5G but along with the promise of 5G there’s peril,” he said.

He was surprised that Britain was the only member of the 5-Eyes intelligence partnership of the UK, US, Canada, Australia and New Zealand, that had assessed the risks from Chinese involvement in 5G networks as manageable. 

He cited the example of Huawei’s installation of the cyber network in the African Union (AU)  headquarters in Addis Ababa, Ethiopia, in 2003. 

After a few months it was noted how Chinese trade envoys were surprisingly well informed of the AU negotiators’ positions and that the cyber network was most active between midnight and 3am, long after staff had left. 

A subsequent sweep for electronic bugs by a French security company showed a number of software vulnerabilities that had been sending data secretly back to Beijing. 

Governor Ridge called for spies from GCHQ, the US equivalent, the National Security Agency and cyber experts from Australia and New Zealand to meet urgently to review all the intelligence relating to Huawei. 

“The most important thing to do is to get the critical people in the 5-Eyes together instead of long distance, and challenge each other,” Governor Ridge said.

“There's nothing wrong with having two competitive analyses, but you do have to try to harmonise and rationalise it. 

“Don’t make a final decision until you sit down with our President and decide what is in our collective best interest.

“The employees of Huawei are pretty much public employees even though they’ve got Huawei t-shirts on.

“We’ve been through so much together historically that it would be foolish for us not to sit down as friends and allies and challenge each other. In the long term I think everybody would be on the same page.”

A Huawei store is seen in the terminal building of the new Beijing Daxing International Airport in Beijing. July 9, 2019.  Credit: GREG BAKER/AFP

Huawei – also known as Huawei Technologies, Inc. – is owned 100 per cent by Huawei Investment & Holding, a much smaller company with only a few hundred employees. This holding company is in turn co-owned by founder Ren Zhengfei, with nearly 1.01 per cent and a state-operated trade union, called Huawei Investment & Holding Company Trade Union Committee, with the remaining 98.99 per cent. The trade union officials are appointed by, and paid salaries from, the Chinese government. 

“If I were to look for the smoking gun of how the party influences Huawei’s leadership, I would look at the trade unions,” said Dr John Hemmings, a China expert at the Henry Jackson Society.

Dr Hemmings feared there has been no rational policy-making in the UK and that cost had been a major factor in pushing security aside. “The telecoms companies have run policy and the government has tried to keep up,” he said.

A parliamentary study in 2013 by Sir Malcolm Rifkind was warned by MI5 that China may try to exploit vulnerabilities in Huawei’s equipment in order to gain access to the BT network in the UK, “which would provide them with an attractive espionage opportunity”. 

A recent study on Huawei code by Finite State, a cyber security firm, found on average, Huawei devices had 102 known vulnerabilities inside their firmware, primarily due to the use of “vulnerable open-source and third-party components”. In virtually all categories studied, Huawei devices were found to be less secure than comparable devices from other vendors.

Huawei responded to the Finite State report refuting the allegations.