The tide may be turning in the U.S. effort to check the global spread of next-generation telecom equipment from Huawei following months of setbacks.
Officials at the European Union and in Germany and Brazil all made moves during the past few days to restrict Huawei following more than a year of U.S. charges that the Chinese telecom company could be a conduit for Beijing’s digital spying or sabotage.
The U.S. argument also appears to be making some headway in Canada, where White House national security adviser Robert O’Brien savaged Huawei during a security conference over the weekend, winning plaudits from conservative Canadian lawmakers who urged Prime Minister Justin Trudeau to follow the U.S. lead.
“When they get Huawei into Canada … they're going to know every health record, every banking record, every social media post — they're going to know everything about every single Canadian,” O’Brien said. He also warned that U.S. intelligence sharing with Canada “would be impacted if our close allies let the Trojan horse into the city.”
The turnaround suggests allies that were hesitant to join the United States in a blanket ban on Huawei might be willing to take more limited actions that get U.S. officials much of what they want. That could reduce the danger of Chinese dominance over super-fast 5G networks that will carry orders of magnitude more data than existing wireless systems and run a new generation of Internet-driven technology such as autonomous vehicles and automated factories.
The European Union, for example, endorsed a strict review process for 5G suppliers that includes examining the legal and political frameworks companies are bound by — a requirement U.S. officials have long argued should block Huawei because it’s too beholden to China’s Communist Party. The German parliament passed a similar motion — over the opposition of Chancellor Angela Merkel — blocking 5G equipment from nations where the government holds too much sway over the business world.
Brazil’s national security body also launched a broad 5G risk assessment that could put Huawei out of the running.
Only a handful of nations, meanwhile, have followed the U.S. push for a full Huawei ban including Australia, New Zealand and Japan. Britain previously decided to limit Hauwei contracts to the periphery of its 5G networks rather than core systems, but U.S. officials have argued that still gives the company far too much access.
The shift comes as the U.S. government is expanding its own efforts to restrict Huawei — which already include banning it from 5G networks and government contracts and restricting most U.S. sales to the company.
The Federal Communications Commission voted unanimously Friday to effectively block Huawei from selling new gear to the small network of rural phone and Internet providers it has contracts with, as my colleague Jeanne Whalen reported.
Commissioners also launched a new effort to map out all the Huawei gear running on U.S. networks and to consider funding the approximately $2 billion project of removing and replacing it.
Huawei, which has steadfastly denied aiding Chinese spying, denounced the FCC move, saying it violated “bedrock principles of due process” and is “based on nothing more than irrational speculation and innuendo.”
Lawmakers, on the other hand, were quick to applaud the move:
Sen. Ted Cruz (R-Tex.) called Huawei a “spy agency masquerading as a technology company.”
.@Huawei is a spy agency masquerading as a technology company. I applaud the @FCC’s unanimous decision today to help stop the communist party in #China’s espionage efforts in the US. https://t.co/yjHDh8BuCD— Senator Ted Cruz (@SenTedCruz) November 22, 2019
Here’s Rep. Jim Banks (R-Ind.):
.@FCC voted unanimously to block #Huawei & ZTE from federal subsidies.— Jim Banks (@RepJimBanks) November 22, 2019
An easy decision. US taxpayers shouldn’t subsidize #CCP controlled companies’ efforts to spy on Americans. Obviously. https://t.co/dookK3SB69
And Rep. Michael McCaul (Tex.), the top Republican on the House Foreign Affairs Committee and former chairman of the House Homeland Security panel:
“China is using their technology to weaponize supply chains against U.S. security & economic interests. I applaud the FCC for voting to ban the use of taxpayer money for Huawei products & preventing dangerous CCP tech from further infiltrating U.S. networks.” -LR @RepMcCaul https://t.co/ysOw3cj84R— House Foreign Affairs GOP (@HouseForeignGOP) November 22, 2019
PINGED, PATCHED, PWNED
PINGED: President Trump continued to push a baseless conspiracy theory about CrowdStrike helping Ukraine influence the 2016 election despite it being soundly debunked during the House impeachment hearing and containing obvious factual errors.
“They gave the server to CrowdStrike, or whatever it’s called, which is a company owned by a very wealthy Ukrainian,” the president said on Fox and Friends – even though the publicly traded CrowdStrike is a U.S. company with no Ukrainian ownership.
Trump gave the interview a day after former Trump National Security Council member Fiona Hill warned that Russia has promoted the conspiracy theory to undermine U.S. intelligence agencies' unanimous conclusion that it was behind the 2016 attack
Sen. John Neely Kennedy (R-La.) later bolstered Trump's arguments, telling Fox News host Chris wallace he didn't know who was responsible for the DNC hacking. “But it could also be Ukraine,” Kennedy told Wallace. “I'm not saying that I know one way or the other.”
He also dismissed the idea that claims that Trump held military aid from Ukraine until its president agreed to investigate the son of rival Joe Biden a “red herring.”
PATCHED: The FBI is probing a hacking campaign that targeted more than a dozen U.S. electricity providers cross 18 states, Rebecca Smith and Rob Barry at the Wall Street Journal report. The campaign began sometime earlier this year and could be ongoing, according to security researchers.
The report is especially concerning because many of the targets were close to critical infrastructure such as dams where a power failure could cause extra damage by disrupting water supplies. Hackers tried to trick staff at the facilities into opening malware-laced emails that would have given attackers control of the victims' computers and allowed them to steal information.
There’s no evidence that any electricity providers were breached. It's also not clear who conducted the hacking campaign, but U.S. officials have warned that U.S. adversaries including Russia and Iran are eager to compromise key U.S. industrial systems.
The FBI declined to comment.
PWNED: A data breach exposed the personal information of more than a million T-Mobile customers, the company confirmed Friday. The company did not disclose how its systems were breached but said its security team had shut down the “unauthorized use,” Devin Coldewey at TechCrunch reports.
The hackers accessed data including customers’ names, billing addresses, phone numbers, account numbers and plan features. The haul did not include passwords or financial information. A T-Mobile told Devin that the attack was discovered in early November, but would not say how long the data had been exposed.
— Cybersecurity news from the public sector:
— Cybersecurity news from the private sector:
THE NEW WILD WEST
— Cybersecurity news from abroad:
“Just how sick is Trump's Crowdstrike conspiracy theory?” New York Times cybersecurity reporter Nicole Perlroth asked on Twitter this weekend. She went on to relay a personal story about first meeting CrowdStrike officials.
Nearly a decade ago, I joined the NYTimes as a cybersecurity reporter. I was leaving my first RSA conference to visit some friends in LA and took the last remaining middle seat on a Southwest flight from SFO-LA. I was seated between two strangers.— Nicole Perlroth (@nicoleperlroth) November 23, 2019
As we started to descend, I asked them what they were doing in SF. They said they'd just been at the RSA conference to launch their new start-up. They told me it was going to help save the country. I told them I'd also been at a conference and told them my name. They gasped.— Nicole Perlroth (@nicoleperlroth) November 23, 2019
I'd heard that before. But Barnes was genuine. He meant it. We exchanged contact info and said our goodbyes. Occasionally "Barnesy" would drop me a message out of the blue: "Hey there, middle seat!" He never once pitched me, just wanted to make sure I over my breakup— Nicole Perlroth (@nicoleperlroth) November 23, 2019
The personal anecdote was to make a point: the CrowdStrike conspiracy is absurd, she says.
The server isn't in Ukraine. It's here, in this photo, right next to the Watergate cabinet in the DNC's basement. Lest anyone take this as further proof of some conspiracy, know that one of Crowdstrike's other big clients is the Republican campaign arm, the NRCC. pic.twitter.com/i4XjAIYphQ— Nicole Perlroth (@nicoleperlroth) November 23, 2019
And sharing it supports Russian influence operations -- as U.S. the intelligence community has also said.
Enough is enough. Every reporter or human with any shred of human dignity needs to shut this one down at every opportunity. When @foxandfriends leaves it at "Are you sure that's true?" you're doing Putin's bidding. The end. PS: This thread is dedicated to Window Seat.— Nicole Perlroth (@nicoleperlroth) November 23, 2019
— Coming up:
- The Senate Committee on Foreign Relations will examine the future of United State policy towards Russia at 9:45 a.m. on December 3.