Huawei, the massive Chinese technology company that has come under criticism for its close ties to China’s government, is defending itself, saying that it has never stolen national intelligence or intellectual property and does not support any groups that do so. The company has been a frequent target of critics who allege that it trades information and secrets with the Chinese government, allegations its officials have consistently denied.
In a position paper released this week, John Suffolk, Huawei’s global cyber security officer, said that the company has no interest in stealing state secrets from foreign nations or siphoning off intellectual property from enterprises.
“We have never damaged any nation or had the intent to steal any national intelligence, enterprise secrets or breach personal privacy and we will never support or tolerate such activities, nor will we support any entity from any country who may wish us to undertake an activity that would be deemed illegal in any country,” Suffolk said in the paper.
“Huawei does not, and would not, support, condone or conduct activities intended to acquire sensitive information related to any country, company or individual, nor do we knowingly allow our technology to be used for illegal purposes.”
In April, John Bryson, Secretary of Commerce, told Congress that his department was very concerned about Huawei and its capabilities and said that the company “capabilities that we may not fully detect to divert information”. Other United States government officials and corporate executives have raised concerns about organized industrial espionage operations emanating from China that target U.S. companies and military networks. There has been little said publicly by Chinese officials or corporate executives about such attacks, but there have been indications in recent months that U.S. and other western officials are willing to meet with their Chinese counterparts to discuss the situation and whether there’s a need for standards and norms regarding cyberwar.
At a panel at the RSA Conference in April, Dmitri Alperovitch of CrowdStrike, said that there are some fundamental differences in the way that the people on both sides think about these things.
“We have our list of priorities and the Chinese have theirs,” he said. “There has to be some sort of diplomatic transfer where we there’s a trade off.”
In the white paper, Suffolk says that Huawei would be open to discussions about international norms regarding cybersecurity.
“Huawei would welcome a coordinated international approach to principles of data protection and cyber security. We believe that such an approach would foster better overall standards of data protection on a global basis, rather than having vendors, service providers and corporations struggle to apply inconsistent standards and approaches across various countries. As illustrated by this White Paper, equipment manufacturers such as Huawei operate in a complex legal and regulatory environment. Huawei is committed to complying with all of the applicable laws and regulations in every jurisdiction in which it operates and will restrict its operations as necessary to comply with international sanctions and local law,” Suffolk says in the paper.
The release of the Huawei white paper comes at a time when state-sponsored targeted attack campaigns using tools such as Stuxnet, Duqu, Flame and others have been grabbing headlines around the globe. Researchers say that those attacks are a ripple on the surface compared to what’s going on deeper down and that only a small percentage of such attacks are ever brought to light.
In an interview in July, Shawn Henry, a former FBI official, said that the true size and scope of the threat to corporations and government agencies is difficult to grasp for many people.
“It’s hard to explain the threat to some organizations,” he said. “Some people get it, but many don’t. The entire threat out there is kind of like an iceberg. The part that most people hear about is the part above the water line, the unclassified threats. People don’t hear about what’s below the water line, which is everything that’s happening in the classified environments. It doesn’t get a lot of attention outside of the classified environment, but I can tell you that it’s deep and broad and extensive.”