It is extremely rare that Australians get an insight into the workings of our intelligence agencies but the extensive media interview granted by Simeon Gilding, formerly deputy head of the Australian Signals Directorate’s (ADS) signal intelligence and offensive cyber missions, offered a peek into the intelligence world.
Like all governments around the world the Australian government has to defend its country from unwanted intrusions from foreign actors and it is quite natural that that defence should extend to the country’s 5G networks.
The rare insights delivered by Mr Gilding revealed how the ASD adopts a common approach on the important subject of Cyber Security, in terms of looking at it from a worst-case scenario.
This is the exact approach that Huawei has always taken on Cyber Security – long before 5G became the focal point.
What became clear from Mr Gilding’s interview in the media was that Huawei was targeted not because we have done anything wrong in our 30 year history (16 in Australia) but simply for being a Chinese company because, in the view of Australia’s intelligence agencies, the Chinese Government is actively engaged in international Cyber-attacks.
According to Mr Gilding and his former employers that means that the Chinese Government could direct Huawei to put sinister and dangerous attack codes into our equipment.
Huawei has addressed this issue so many times over the last couple of years but we have no problem re-iterating once again here, so here goes.
Firstly, Huawei is a private company and we are very proudly and openly Chinese – we can’t change that and nor would we want to.
In fact, we have been advised by many different western consultants and marketing experts that we should change our brand in order to be successful in the consumer world – we chose not to take that advice.
How did that work out for us? Well, even after getting caught up in the aftermath of the US-China trade war our consumer business continues to flourish and we are the second largest provider of mobile phones across the globe. We have never hidden our Chinese heritage and never will.
However, we have also known for quite a while that the bar is higher for us because of our Chinese heritage and that the rules set for us will be stricter and different to the rest of the industry.
That claim is not self-pity on our part either – the facts absolutely bear it out.
A couple of years ago a major US competitor of ours was found to have multiple backdoors in its network hardware – this basically means that they had allowed vulnerabilities to be built into their equipment that could be utilized by a third-party. Did you read about it in any mainstream media?
Huawei has come under incredible scrutiny these last couple of years with media and government agencies poring over our operations all over the world – and still not one piece of evidence of our company doing anything like what that major US competitor did.
So, given the huge amount of media attention we have attracted with a clean slate can you imagine what would happen if Huawei were found to have allowed backdoors in our kit? It would be front page news for weeks globally and would mean the death of our company.
We understand all of this very well and we really don’t mind that Governments, media and our own customers hold us to different standards.
That’s why in 2011 Huawei hired former chief information officer to the UK government John Suffolk to undertake a full transformation of Huawei’s internal cybersecurity processes and policies. John Suffolk was at the heart of the UK’s cyber security policy. It was an appointment that needed to be approved by David Cameron, the UK Prime Minister at the time.
John’s philosophy was simple, Huawei had to always assume that somewhere and at someplace someone will try and get into our equipment and networks that we build – he wanted Huawei to be the clear global leader in cybersecurity practices.
So since 2011 we have been on this journey to becoming a global leader in Cyber Security. We have been very open about this transformation. We have published white papers about the philosophy we were embarking on and the policies and practices we were implementing. We have opened ourselves up to external audits and reviews to show we are implementing world’s best practice.
So after nine years we have developed processes and policies that are world leading and have given us the confidence to open ourselves up to any evaluation, independent testing government or customers require.
We don’t pretend that we have got this 100% right. No one can or ever will do that, it’s an ongoing evolving policy process that changes with new technologies, global experience and through our collaboration with others like universities and governments from around the world.
The United Kingdom security agencies (as well as Canadian and New Zealand security agencies) have been a big part of this transformation and have engaged long before 5G became the issue of the day.
They have regularly met with our research and development experts about the road maps of the technologies we develop. They have come and seen first-hand the implementations of our Cyber Security transformation in the factories where we manufacture, how we manage of our supply chain from around the world.
They have also pointed out where we need to improve so we are now spending over US$2 billion on improving our software in some product lines because the UK said we needed to lift our standards in this area – they were quick to point out this had nothing to do with any possible espionage.
To conclude, nobody has all the answers on Cyber Security, no individual organization can get there on their own. Companies like Huawei that design, manufacture and help set the global standards for these new technologies need to work with network operators, governments and consumers to get this right.
It is simply not possible to freeze out every Chinese technology company from the 5G eco-system because the reality is that in the next 20 years at least 50% of global innovation will be coming from a China that will be a leader in 5G as well as the new applications it enables.
The truth is that there are more Huawei’s to come and we need to ensure that Australia has the ability to take full advantage of this innovation at the same time ensuring the safety and security of our networks and our people.
Jeremy Mitchell is Director of Corporate and Public Affairs at Huawei Australia