The Trump administration’s pressure campaign on allies to break ties with Huawei is taking a very Trumpian turn with bombastic and neck-wrenching tweets replacing private diplomatic warnings.
Trump’s Ambassador to Germany Richard Grenell tweeted out of the blue on Sunday that President Trump had called him from Air Force One “and instructed me to make clear that any nation who chooses to use an untrustworthy 5G vendor will jeopardize our ability to share Intelligence and information at the highest level.”
That marked a major reversal from just two days earlier when U.S. officials assured an audience at the Munich Security Conference the United Kingdom's decision to allow Huawei to build parts of its next-generation 5G wireless network would not affect intelligence sharing.
The tweet came as Germany, France and Canada all appear likely to follow the United Kingdom in allowing Huawei to build portions of their 5G networks. And, in typical Trump fashion, it threw allies who are mulling multibillion-dollar 5G decisions into a new phase of uncertainty, wondering whether the pronouncement represented an actual shift in policy or just presidential bluster.
U.S. officials have long warned that Huawei is too dependent on China’s Communist Party and can’t be trusted not to aid Chinese spying — especially if it has access to nations’ 5G systems, which will carry far more data than earlier generations of wireless networks. But they’ve stepped back from threats to cut off intelligence sharing as more nations sign on with Huawei.
If the United States did halt sharing intelligence with key allies — especially among the Five Eyes alliance including the United Kingdom and Canada — it would be a momentous move with dramatic national security consequences.
China punched back on Twitter, where Foreign Ministry representative Hua Chunying argued the United States could be just as great a threat to Germans' privacy as Huawei. She referred to a story leaked by NSA contractor Edward Snowden that U.S. spies listened in on Chancellor Angela Merkel’s cellphone, which caused a major rift between the nations in 2013.
Ambassador Richard Grenell tweeted on consequences of choosing an "untrustworthy" 5G vendor. Who he is threatening? Who's the real threat? Remember, Snowden said US spied on Chancellor Merkel's phone! https://t.co/P0D2pkjvZJ— Hua Chunying 华春莹 (@SpokespersonCHN) February 17, 2020
The social media sniping comes as time is running out for the United States to convince allies to bar Huawei from their networks entirely. Only a handful of nations have followed the United States' lead in implementing a full ban, including Australia, New Zealand and Japan. And U.S. leaders are bringing out their biggest rhetorical guns.
House Speaker Nancy Pelosi (D-Calif.) slammed Huawei at the Munich Security Conference, saying there was bipartisan U.S. agreement about the telecom’s dangers and that nations contracting with Huawei for 5G are choosing “autocracy over democracy.”
“It is about putting the state police in the pocket of every consumer in these countries,” she said.
That drew swift pushback from Chinese state media. Here’s China Daily E.U. Bureau Chief Chen Weihua:
US has waged vicious smear campaign against Huawei at Munich Security Conference in desperate move to coerce European nations. But that will fail for sure because like AIIB case, Huawei will prove itself to be trustworthy partner in the coming years. Why it would do otherwise?— Chen Weihua (@chenweihua) February 15, 2020
Secretary of State Mike Pompeo also described Huawei and other Chinese tech firms as “Trojan horses for Chinese intelligence," and Defense Secretary Mark Esper warned “reliance on Chinese 5G vendors…could render our partners’ critical systems vulnerable to disruption, manipulation and espionage.”
But Europeans are starting to push back. Former Estonian president Toomas Hendrik Ilves challenged Esper during the conference, asking whether the United States would put its money where its mouth is by subsidizing Huawei’s 5G competitors Nokia and Ericsson. Those European companies’ 5G services are much more expensive than those from Huawei, which is helped by Chinese state subsidies.
“Many of us in Europe agree that there are significant dangers with Huawei, and the U.S. for at least a year has been telling us, do not use Huawei. Are you offering an alternative?” he asked, as reported by NPR.
German lawmaker Alexander Lambsdorff also complained on Twitter the United States is spending more time complaining about Huawei than suggesting viable alternatives.
Is there a US vendor the President would care to recommend instead? Does he have a list of 'trustworthy vendors'? Which criteria does he apply to determine 'trustworthiness'?— Alexander Lambsdorff (@Lambsdorff) February 17, 2020
These are serious questions not asked in jest. @fdpbt #USA #5G #Digitalisierung #noHuawei #Huawei
The verbal assaults come as U.S. officials are also exploring less drastic measures to weaken Huawei, including imposing new hurdles before Chinese companies can use U.S. components for computer chips, the Wall Street Journal’s Asa Fitch and Bob Davis report.
They’re also mulling expanding restrictions on U.S. companies shipping components to Huawei from their overseas facilities, as my colleagues Ellen Nakashima, Jeanne Whalen and David J. Lynch report. The government placed Huawei on a trade blacklist last year that barred such shipments if a product contains at least 25 percent U.S. parts. But officials are now considering reducing that limit to 10 percent U.S. parts – a move the Pentagon previously opposed because officials feared it would make U.S. companies less competitive.
Sen. Rick Scott (R-Fla.) also introduced legislation that would mandate the new limit.
Yesterday I proposed a bill that would further restrict the ability for US companies to sell to Huawei.— Rick Scott (@SenRickScott) February 15, 2020
China is not an ally, they are constantly trying to tap into our intelligence and steal our data and im glad to see the Pentagon shift it’s stance. https://t.co/Bc3sZcjjTf
PINGED, PATCHED, PWNED
PINGED: The Iowa caucus night debacle when an app malfunction delayed the vote-counting by days was the result of years of mismanagement and inattention to technology and cybersecurity, my colleague Isaac Stanley-Becker reports. Based on internal documents and interviews with 54 people, Isaac paints a portrait of miscommunication between the state party and national Democrats, compounded by poor planning, that left significant concerns about election security unaddressed as the caucuses approached.
Among the problems: A contracting request for technology products didn't go out until May 2019 — less than a year before the caucuses. Plans for a virtual caucus using secure teleconference lines, which Iowa Democrats say the DNC initially approved, were scrapped in August, leaving the party scrambling for an alternative.
And once Democrats settled on buying a vote-tallying app from Shadow Inc., launched by veterans of Hillary Clinton’s 2016 campaign, it was never clear whose responsibility it was to vet security for it. The DNC initially took a greater role in vetting the app and paid for a security audit of the software but later expressed concerns about its use, DNC officials said. It's not clear if the party recommended not using it, though.
Those problems were amplified by Insufficient resources to test how the app would work on caucus night, Isaac found. While Nevada conducted a dry run of two similar apps, nothing similar took place in Iowa. Even a week after the caucuses, recently departed Iowa Democratic Party Chairman Troy Price was unable to answer how many precinct chairs had downloaded the app or when training had begun, Isaac reports.
PINGED: The CIA was far more aware then previously known about a wave of violence backed by military dictatorships across South America in the 1970s — a result of secret access to encrypted communications systems those governments used, my colleague Greg Miller and documentary filmmaker Peter F. Mueller report.
The CIA’s secret knowledge about the military crackdowns dubbed Operation Condor highlights a key ethical question of intelligence work: When is it worth burning the secret sources and methods of intelligence to prevent atrocities and other mass violence? It’s also likely to raise concerns among contemporary cybersecurity and privacy advocates as the Justice Department pushes for greater access to encryption systems used by U.S. companies.
The story follows Greg’s blockbuster report last week with the German public broadcaster ZDF that the Swiss company Crypto AG — which governments around the world relied on for decades to keep their communications confidential — was secretly owned by the CIA, which was capable of spying on many of those conversations.
“The U.S. spy agency was, in effect, supplying rigged communications gear to some of South America’s most brutal regimes and, as a result, in a unique position to know the extent of their atrocities,” Greg and Peter write. But “what the documents don’t show is any substantial effort by U.S. spy agencies, or senior officials privy to the intelligence, to expose or stop human rights violations unfolding in their view.”
Those dilemmas also spread far beyond South America. “The list of countries targeted in the Crypto operation suggests that U.S. spies would have had extensive insight into turbulent developments across multiple continents and decades — massacres in Indonesia, abuses under apartheid in South Africa and violent crackdowns against dissidents waged by Hosni Mubarak in Egypt after the 1981 assassination of Anwar Sadat,” Greg and Peter report.
PWNED: The Israeli military exposed a scheme by the Palestinian militant group Hamas to hack into soldiers' phones by posing as attractive women on social media and convincing the interested soldiers to download malware, Josef Federman at the Associated Press reports. The hackers infiltrated the phones of dozens of soldiers but didn’t steal any important information, an Israeli military spokesman said.
The Hamas operatives targeted soldiers on apps including WhatsApp, Facebook, Instagram and Telegram. Once they built a relationship, they urged soldiers to download a malware program disguised as a Snapchat-like app. This was the third time Hamas hackers attempted such an operation and by far the most sophisticated effort, Israeli officials said.
Soldiers alerted Israeli army officials to the suspicious messages and the army linked the malware to Hamas servers. There was no immediate comment from Hamas to the AP.
— Microsoft will test its ElectionGuard technology, which gives voters an encrypted code to verify that their votes were counted accurately, in Fulton, Wis., today. The pilot will happen during a primary election for the Wisconsin Supreme Court where only a few hundred people cast votes. But Microsoft is touting it as the first major test of the software, which it hopes will one day help verify election security across the nation.
The official vote count will be tallied with paper ballots printed by a machine, but the ElectionGuard system will provide an encrypted, verifiable digital tally as well.
— More cybersecurity news from the public sector:
— Cybersecurity news from the private sector:
THE NEW WILD WEST
— Cybersecurity news from abroad:
- US Election Assistance Commission will host a 2020 Elections Disability, Accessibility and Security Forum in Washington, D.C. on Thursday from 9am to 4:30pm
- The Penn State Dickinson Law and Institute for Computational and Data Sciences will host an event “Hacking The U.S. Election: How Can We Make U.S. Elections More Secure?” on February 24 from 8:30am-1:00pm.
- RSA Conference 2020 is scheduled for Feb. 24 to 28 in San Francisco.