Huawei founder opened up to the press, or did he?

Ren Zhengfei, the founder of Huawei, once again dismissed the allegations that Huawei has been spying for the Chinese government in a rare meeting with the media.

Huawei’s normally reclusive founder told the Financial Times on Tuesday that he missed his daughter, who was arrested in Canada and faces extradition to the US. Ren also reiterated that Huawei has not spied for the Chinese government and has not been asked to do so. “No law in China requires any company to install mandatory backdoors,” Ren was quoted by the FT.

Ren also handed out an olive branch to President Trump, calling the latter “great” and recognising the positive results the American administration’ tax cuts had delivered to the American economy. But he also warned the isolationist route the current American government is pursuing. “The message to the US I want to communicate is: collaboration and shared success. In our world of high tech, it’s increasingly impossible for any single company or country to sustain or to support the world’s needs,” Ren said. Earlier President Trump said he ‘would intervene on Huawei CFO’s case to help China trade deal’.

When it comes to Huawei’s tactics to navigate the difficulties it faces in the western markets, Ren conceded “it’s always been the case, you can’t work with everyone . . . we’ll shift our focus to better serve countries that welcome Huawei,” he told the reporter.

By the founder’s own standard, this interview was a rare opportunity for the outside world to get more transparency of the company he set up 32 years ago. But we were not made much wiser on a few key questions.

Huawei’s CFO, and Ren’s daughter, was charged with misleading the American banks with false information on Huawei’s relationship with its subsidiary related to the company’s business in Iran, which resulted in the banks being handed multi-billion dollar fines. Ren’s interview did not shed new light on the case, despite expressing his parental feeling.

In the spirit of “presumed innocent until proved guilty”, we should believe that the Huawei founder was telling the truth when he claimed Huawei has not spied on behalf of the Chinese government. His words were also carefully chosen when he claimed, “no law in China requires any company to install mandatory backdoors”, which is true. Law enforcement agencies may require companies or private persons to assist their work. In some jurisdictions the companies or individuals have the legal right to refuse, as Apple did in 2015 when being asked by the FBI to unlock an iPhone used by the San Bernardino attackers.

In other jurisdictions companies and individuals are obliged to comply with such demands.

China’s Intelligence Law was passed by the National People’s Congress, China’s legislature, in June 2017 and entered into force the following day. Two articles of the law are of interest here:

Article 7: An organization or citizen shall support, assist in and cooperate in national intelligence work in accordance with the law and keep confidential the national intelligence work that it or he knows. (Translation by the Law School, Peking University)

Article 14: National intelligence work institutions, when carrying out intelligence work according to laws, may ask relevant institutions, organizations and citizens to provide necessary support, assistance and cooperation. (Translation by QUARTZ)

In plain language this means the intelligence agencies have the mandate to require any institutions or individuals to cooperate (Article 14) and the institutions or individuals must comply (Article 7).

Therefore Ren, who declared “I still love my country, I support the Communist party” to the FT journalist, is law-bound to say Huawei has “never received any request from any government to provide improper information”, no matter whether it has received requests of this kind or not. Hypothetically, if Huawei had received requests from the Chinese intelligence agencies to assist their tasks, it could not refuse, otherwise it would be violating the first half of Article 7. On the other hand, if Huawei, hypothetically, had carried out intelligence tasks as required, it could not tell anyone, otherwise it would be violating the second half of Article 7.

But, seriously, no one would have expected an alternative answer.

Maybe the Chinese espionage rhetoric is more than political hot air

Evidence has reportedly been found of China spying on more than 30 US companies, suggesting the anti-China rhetoric might be more than political posturing.

To date, little hard evidence has been displayed in the public domain regarding Chinese espionage, but that might be about to change. According to Bloomberg, a three-year old investigation has uncovered tiny microchips nestling on the motherboards of servers used not only in private corporations, but Department of Defense data centres, the CIA’s drone operations, and the onboard networks of Navy warships. These chips can be traced down the supply chain to a Chinese subcontractor used by SuperMicro.

While espionage has focused on locating and exploiting vulnerabilities in software in recent years, compromising hardware can be more effective. It is more difficult to do, but due to the life-cycle of these products, it can be longer until the issue is uncovered. Compromising hardware can be done in two ways; firstly, devices can be manipulated when on-transit between the supplier and the customer, or the nefarious activities can be conducted at the beginning of the manufacturing process. This is an example of the latter.

The microchips were first discovered after Amazon sought to acquire a company called Elemental. Elemental makes software for compressing massive video files and formatting them for different devices, but also provides expensive servers for customers installed on their sites to handle the video compression. These servers were assembled by SuperMicro, which in turn outsourced some processes to the Chinese subcontractor. These microchips allowed the controller to create stealth doorway into any network that had servers hooked up to it.

To conduct this sort of espionage is incredibly difficult. Not only does the microchip need to be small enough to avoid detection, and powerful enough to perform the desired actions, implanting the device would require an intimate knowledge of the products design. Considering how much of the worlds telecommunications manufacturing is done in China, the country is in an incredibly unique position to master the complex and intricate task. Sources states the microchips were inserted by operatives from a unit of the People’s Liberation Army, the armed forces of the People’s Republic of China and Communist Party of China.

Amazon has stated it had no knowledge of such a saga, though Bloomberg notes this is contradicted by its own sources. While the scale of such espionage activities are unknown for the moment, it is believed more than 30 companies could have been victims, including Apple which had planned to purchase servers from SuperMicro as part of the companies data centre expansion plans.

For the US government, this might just prove to be the justification it needs to chase Chinese companies off the shores. It has been battling to rid the country of Huawei and ZTE, though as little evidence has been released to the general public, a sceptic might suggest this was little more than anti-communist propaganda.

Unfortunately, this might simply compound the pressure which is being applied to China, instead of creating a resilient security framework. A whitepaper from the Rural Broadband Alliance entitled Domain5 suggests a supply chain can be compromised at any point and concentrating on one country might not be the best solution. Operatives are capable of infiltrating a manufacturing plant, in theory, irrelevant as to where it is, therefore concentrating too intently on one country might weaken the security protocols elsewhere.

This should not undermine what is perhaps the most damning evidence of Chinese espionage in recent years however. Various intelligence committees and sub-committees have pointed the finger of dodginess at China for years, though this is the most compelling evidence which we have seen.