Advertisement
Advertisement
Australian Prime Minister Scott Morrison speaks during a cabinet meeting at Parliament House in Canberra, Australia, 28 August 2018. Photo: EPA-EFE
Opinion
Henry B. Wolfe
Henry B. Wolfe

Australia should reverse its Huawei 5G ban

The ban was made under the pretext of protecting national security, yet there is no evidence that Huawei gear is insecure

This week, 600 delegates from the organisation that sets standards for the world’s telecommunications industry will meet on Australia’s Gold Coast. Their goal: to ensure that the next generation of mobile technology – 5G – will adequately serve the country’s businesses and households.
Unfortunately, the Australian government has just made that outcome less likely. Amid a leadership shake-up last month, it blocked Huawei Technologies, a Chinese company whose technology underpins mobile broadband for about half of all Australians, from building the country’s future 5G networks.

The ban was made under the pretext of protecting national security, yet there is no evidence that Huawei gear is insecure. Because it is headquartered in China, Huawei has undergone more scrutiny than any other information and communications technology supplier in the world. In several markets, including the UK, its source code is reviewed by independent security experts. In the 31 years since its founding, no public evidence of wrongdoing has ever come to light. Canberra’s decision to ban the company was purely political.

Australian citizens will be paying for that decision for decades to come. 5G will form the basis of future broadband networks. By keeping a leading 5G provider out of its market, Australia has reduced the country’s supply of telecommunications infrastructure just as demand for 5G is starting to grow.

Basic economics dictates that when supply drops, costs rise. Perhaps that is why Americans live with the second-highest prices in the world for mobile phone services. In the US, 90 per cent of wireless infrastructure sales are made by just two companies, Ericsson and Nokia. Meanwhile, the quality of US mobile services, measured by download speeds, is ranked 61st in the world, after Chile, Egypt and Peru.

National security obviously takes precedence over download speeds. But if security is the goal, banning telecommunications equipment suppliers on the basis of geographic origin makes no sense. Today’s telecommunications industry is transnational and borderless. Threats can originate anywhere. Programmable code can be implanted virtually in hardware and software, allowing malicious actors to spy or launch a cyberattack. Unauthorised functionality can compromise the product of any company, anywhere in the world.

While no evidence exists that Huawei has been compromised, by the Chinese government or any other actors, the US, by contrast, has a long track record of modifying products to achieve its goals. From the 1940s until the early 1990s, the US National Security Agency (NSA) rigged encryption systems sold by Crypto AG, a Swiss company, enabling the agency to read the coded diplomatic and military traffic of more than 120 countries.
Later that decade, it reduced the level of security in non-US versions of internet browsers and email programs made by Lotus Notes, Netscape, and Microsoft to make files encrypted with those programs easy to decrypt. More recently, the NSA intercepted Cisco routers and covertly installed spyware on them before they were shipped to customers. The agency’s ongoing Bullrun program places back doors into commercially available cryptographic software and hardware, or weakens the encryption so that the NSA can break the code.

Australia’s government does not trust Huawei, or China, or any Chinese company. Nor should they: in the digital domain, no one should be trusted. Negotiating arms treaties with the Soviet Union, former US President Ronald Reagan said that the best approach was to “trust but verify”.

Today, smart governments will dispense with trust and proceed straight to verification. Instead of pointlessly banning individual companies, they will establish comprehensive risk mitigation procedures based on global best practices. These include hiring independent security experts to review source code and monitoring supply chains for breaches. Any other approach creates an illusion of security that actually increases risk.

While government bans do nothing to enhance security, they undermine non-discrimination and competition in fair trade, principles that in the last century have enabled the world to make some of the most impressive economic gains in human history. These include Europe’s rapid recovery following the devastation of the Second World War, and the economic reforms that lifted lift more than 800 million Chinese from poverty over the past 30 years.

Bans also block valuable inbound investments that fuel economic growth. Last year, for example, Huawei spent nearly US$15 billion on research and development – more than any US tech company, except Alphabet and Amazon. This year alone, it has spent more than US$800 million on 5G research. Australia’s economy could have benefited from those investments.

It can still do so – while at the same time, taking real steps to enhance security rather than relying on ineffectual, politically motivated bans. If Australia’s new government is serious about securing its telecommunications networks and remaining competitive in a digital age, it will rescind the ban on Huawei and allow the company to work with Australian engineers to ensure the integrity of the country’s future 5G communications infrastructure.

Meanwhile, other countries will observe Australia’s missteps and avoid repeating them.

Henry B. Wolfe, Ph.D., is a cybersecurity expert specialising in electronic forensics, surveillance, cryptography, mobile phone security, and information assurance.

Post