Rumoured Chinese computer espionage to be analysed by defence leaders

At a US hearing last month, two Chinese telecoms firms formally denied allegations that their products are being built for purposes of espionage.

Shenzhen-based Huawei and ZTE stated before the committee that the ‘backdoors’ believed to be built into some of the technology are merely ‘software bugs’ and that neither company is controlled by the Chinese government.

Lt Col (Rtd) William Hagestad, former US Marine and author of ‘21st Century Chinese Cyber Warfare’, has spent several years flagging this type of vulnerability to the digital security world, but many had previously not considered the idea to be a genuine threat.

Asked in an interview with Defence IQ about the recent developments that are finally bringing the issue to the attention of the wider public, Hagestad replied: ‘I wish I had been wrong.’

Explaining that the possibility of major telecommunications manufacturers violating their respective hardware for espionage purposes has always existed, Hagestad points to evidence to suggest that this is not a case of mistaken identity.

‘When you look at the recent DEFCON 20 presentation that describes in great detail some of the Huawei routers and some of the compromises that have led to buffer overflow, you can see that it is not a software bug,’ he said.

‘These are actual, no kidding, compromises to the hardware and software of the telecommunications manufacturers. Now whether they are overt, covert or unknown is irrelevant – the fact that they exist… is a concern not only commercially but also to the national security of the countries that are using them.’

Hagestad was speaking ahead of his involvement in the annual Cyber Defence & Network Security (CDANS) conference, set to take place in London from January 24–27, which bring together the world’s defence chiefs and heads of CERT, systems security, military IT, counterterrorism, and cybercrime professionals. Last year’s BBC-covered event hosted over 150 attendees and over 25 speakers from 24 nations.

This year, much of the focus will rest on dealing with the ongoing threat to critical national infrastructure and cloud computing, but there will also be inevitable discussion on the potential of the use of cyber weapons and foreign state responses to the evolving cyber domain.

Asked whether these allegations are likely to change how the technology industry manufactures its products, or if we are in fact too late to counter the threat, Hagestad is philosophical.

‘I would hope that we’re never too late,’ he said.

‘And I’m not one to say that we should ban every Chinese product. That doesn’t do international trade, cooperation, and geopolitical agendas any good – that’s actually counterproductive.’

You can listen to the full interview here.

Do you have an opinion on this topic? Can East and West ever see eye-to-eye in the digital realm? Email haveyoursay@defenceiq.com with comments, views and questions, or simply post your comments below.

More information on attending the event can be found on the Cyber Defence & Network Security website here.