Editor’s Note: For discussion of how use of Huawei or ZTE equipment by publicly traded companies could trigger increased SEC cybersecurity reporting requirements, see FISMA Focus here.
By Brian Prince
No review has cleared Huawei or any other vendor supplying telecommunications equipment to U.S. firms of spying allegations, a White House official said.
The White House is denying a media report that an investigation into corporations supplying U.S. telecommunications companies with equipment found no proof Huawei Technologies was involved in espionage on behalf of China.
Citing anonymous sources, Reuters reported that an 18-month examination of Huawei’s communications equipment revealed the products contained security vulnerabilities that could be exploited by hackers, but not evidence the company had spied on the United States.
In a statement to eWEEK on Oct. 18, a White House spokesperson said the report was not correct and that no investigation has been conducted that cleared anyone.
“The Reuters report, based solely on anonymous sources, is not correct: the White House has not conducted any classified inquiry that resulted in clearing any telecom equipment supplier, including Huawei,” Principal Deputy White House Press Secretary Josh Earnest said in the statement. “In fact, last October, Huawei was excluded from taking part in the building of America’s interoperable, wireless emergency network for first responders due to U.S. government national security concerns.”
Last week, the House Intelligence Committee released a report of its own recommending that U.S. companies considering doing business with either Huawei or fellow telecommunications equipment provider ZTE to find another vendor due to security concerns. In addition, the report recommends that U.S. government systems, especially sensitive systems, do not use Huawei or ZTE equipment or components.
“We have to be certain that Chinese telecommunication companies working in the United States can be trusted with access to our critical infrastructure,” committee Chairman Mike Rogers (R-MI) said in a statement Oct. 8. “Any bug, beacon, or backdoor put into our critical systems could allow for a catastrophic and devastating domino effect of failures throughout our networks.”
“China is known to be the major perpetrator of cyber-espionage, and Huawei and ZTE failed to alleviate serious concerns throughout this important investigation,” he added. “American businesses should use other vendors.”
In response to the report by Reuters, Huawei spokesperson Jannie Luong said via email Oct. 18 that Huawei is not familiar with the review mentioned by the publication’s sources, but stated that it was no surprise to hear the company had been cleared of charges of espionage.
“These are, of course, the facts and they will remain such in the future Huawei is a $32 billion independent multinational that would not jeopardize its success of the integrity of its customers’ networks for any government or third party,” she said.
“With respect to the suggestion that Huawei gear has vulnerabilities that hackers might exploit, Huawei notes that every vendor’s gear is subject to such attack,” she continued. “Nevertheless, while the quality and integrity of Huawei’s solutions are world-proven by over 500 operators across 150 markets, to the extent that the study identifies vulnerabilities, Huawei welcomes the opportunity to review the study to determine if such vulnerabilities are real and, if so, to address them, if not, to clarify the facts,” she said.