4 September 2019

Huawei believes banning it from 5G will make countries insecure

By Chris Duckett for Null Pointer 

Huawei may be lacking 5G contracts and 100 former employees in Australia as a result of its banning in 2018, but one thing it is certainly not lacking is gumption.

The Chinese giant's recently appointed chief technology and cyber security officer David Soldani said last week that Australia is set for a world of cyber pain.

"Blocking companies from certain countries does nothing to make Australia any safer from cybersecurity issues -- in fact it just makes things worse because they are not addressing the real issues on cybersecurity," Soldani said.

The CTSO warned that thanks to Huawei being ahead of its rivals in 6G research, it could see how insecure those networks could potentially be as the attack surface becomes larger.

"With the converge of management and control plane, AI will poses a significant impact on network security, as it might be exploited to launch more effective attacks, and in some scenarios, the security of AI systems is a matter of life and death," he said.


"Unlike security vulnerabilities in traditional systems, the root cause of security weaknesses in machine learning systems lies in the lack of explainability, which leaves openings that can be exploited by adversarial machine learning methods such as evasion, poisoning, and backdoor attacks.

"Attackers may also implant backdoors in models and launch targeted attacks or extract model parameters or training data from query results."

The wording from Soldari is particularly interesting, considering that the term backdoors is quite heated when placed next to the word Huawei.

Head to the nearest interview with founder Ren Zhengfei, and once again Ren repeats past assurances about not installing backdoors.

"I can assure you that I won't allow backdoors on our equipment," Ren told the UK's Sky News last month.

And yet, Huawei in Australia is warning that even if its 5G equipment is clean, there is a technology coming down the pipeline that can absolutely be backdoored, thanks to the black box of artificial intelligence.

Intelligence folks in Canberra who warned the distinction between edge and core networkswas diminished in 5G, will be positively high-fiving their foresight with Huawei's 6G warning.

"The distinction between core and edge collapses in 5G networks. That means that a potential threat anywhere in the network will be a threat to the whole network," then Director-General of the Australian Signals Directorate (ASD) Mike Burgess said in October.

"In consultation with operators and vendors, we worked hard this year to see if there were ways to protect our 5G networks if high-risk vendor equipment was present anywhere in these networks.

"At the end of this process, my advice was to exclude high-risk vendors from the entirety of evolving 5G networks."

Burgess has since moved up to become Australia's spy chief, as Director-General of Security for the Australian Security Intelligence Organisation (ASIO).

Before he returned to the ASD, Burgess was chief information security officer for Australia's incumbent telco, Telstra. Suffice to say that the new ASIO chief is fully up to speed on the cybers, especially in the telco space, and would be extremely unlikely to overturn a ban that he recommended.

However, Soldari claimed that banning companies would be counter-productive.

"It actually makes Australia less secure because it means we have to then increase our reliance on just one or two other vendors -- neither of whom are having their equipment tested," he said.

"Unless Australia changes it approach and adopts a standards and certification led approach to security then it will simply sleepwalk into a world of cybersecurity problems in both 5G and 6G for which it is totally unprepared."

It's an interesting piece of mind bending that Huawei is trying to push: By cleaning up its telco supply chain on a nationwide scale, Australia has made itself insecure. Or to put it another way, to fight a particular disease, don't focus on the vaccines, a cure is the only way to win.

A fortnight ago, Huawei Australia chair John Lord really turned up the mind bending when he told the ABC the local arm had legal advice that exempted it from Chinese laws.

"We are immune. We have two legal opinions that says it does not apply to us," Lord said.

"It definitely does not apply to us outside of China ... we can put our equipment in, it's operated by telcos who are in Australia, maintained by Australians and therefore, there is no way in the world any information in Australia will be handed over to any other government in any country, will be handed over to a foreign government."

If you think that Beijing would allow one of its own companies to refuse its demands under China's national security laws, or American companies would defy Washington during a national emergency, I think you are in the right frame of mind to purchase the Sydney Harbour Bridge: It's only had one owner, and has low mileage.

The best reason for Australia's Huawei ban was delivered by former Prime Minister Malcolm Turnbull in March, who said it was not done at the behest of another nation or for protectionist reasons, but because it defended Australia's sovereignty and as a "hedge against changing times".

"It is important to remember that a threat is the combination of capability and intent," Turnbull said.

"Capability can take years, decades to develop. And in many cases won't be attainable at all. But intent can change in a heartbeat."

As a western middle power glances around the world thinking about which countries could potentially turn hostile, the chances of China facing off against the west whether in a cyber or kinetic form is many orders of magnitude higher than Finland, Sweden, or South Korea -- the homes of Nokia, Ericsson, and Samsung respectively.

In a world where anyone telling you they know what will happen next week is either misinformed, lying, or both, who is to know what an authoritarian regime in the Middle Kingdom will decide to do, let alone the collection of unpredictable leaders running the Anglosphere.

Given these circumstances, prudence alone says Australia is better off trusting equipment from Stockholm, Seoul, or Helsinki than Huawei, if only to deny Beijing home ground advantage in our telco networks. It's the same reasoning that would see China glare at American equipment inside of its networks.

No comments: