Skip to main content

Huawei: We’re not a security threat, we’re just a pawn

huawei were not a security threat just pawn china
Image used with permission by copyright holder

A couple months ago, most Americans had never heard of Huawei. Those who had probably knew it as just another Chinese company hawking cheap Android phones. That changed in a hurry when former CIA and NSA chief Michael Hayden claimed the Chinese telecom giant was an unambiguous security threat to the United States.

William-Plummer-Huawei-VP-of-External-Affairs
Huawei’s VP of External Affairs William Plummer Image used with permission by copyright holder

So far, no one has shown any hard evidence of Huawei sharing its knowledge of U.S. networks with the Chinese government, but how does the company answer to the allegations? We grilled William Plummer, Huawei’s VP of External Affairs and chief U.S. spokesperson for the company, to ask about Huawei’s business worldwide and the difficulties in the United States. With seven years of experience as a U.S. Foreign Service Officer and three and a half years with Huawei, Plummer has sat on both sides of the table. Here’s what he had to say about Hayden’s very serious allegations.

Is there any cause for consumers to be worried if they see Huawei brand?

Well, good grief, why? The ICT, the information and communications technology industry, is arguably the world’s first transnational industry. We are exactly the same as any of the other of the companies at the center of ecosystems that are tides that lift many boats. We’ve got 70,000 R&D engineers in 28 centers across the globe, including 11 in Europe and seven in the United States. We’re building our equipment all over the planet. We’re designing and coding all over the planet.

I think people need to understand we’re a $35 billion company doing 70 percent of our business outside of China. We’re not going to let any government compromise us.

A White House review found no evidence of Huawei spying for the Chinese government, but noted security vulnerabilities in Huawei equipment.

Everyone has vulnerabilities. We are all vulnerable. I mean, how did Stuxnet get behind an air gap in the Iranian nuclear facility? Just throw enough USB [drives] out there and someone’s going to carry one over. And that’s air-gapped!

“We’re not going to let any government compromise us.”

But if you look back at Estonia and Georgia, those were botnet-driven DDOS attacks. They didn’t care who built the plumbing. Moonlight Maze was the Russians in 2000, and then there was Titan Rain, Night Dragon, and even GhostNet – those were the Chinese. Every one of them treated what I build agnostically, like plumbing. In April of last year, you had the GAO report that said in the 35,000-some-odd cyber incidents that have taken place none of them had to do with network gear.

[The GAO report on cybersecurity was published in April 2012.]

It is glaringly obvious that we can approach the challenge of more-secure networks by driving towards universal disciplines, standards, and best-practices that are industry-wide and certifiable. That makes sense! That would be pragmatic! Once we do that, you have to keep in mind we’re just building the plumbing. There also have to be, for service providers, universal disciplines, standards, and best-practices to ensure the integrity of the data traffic – the water that flows through the plumbing.

Why do you think Huawei has been subject to so much government suspicion in the United States?

We have to take responsibility for the fact that a lot of this misinformation is out there. Until about three years ago, the company was focused on innovation and customer-centricity – which is, in part, a reflection of a company with 70,000 people in R&D. That’s a lot of engineers, and the average age employee is 28, so it’s a lot of really young, smart people.

Two modern buildings house Huawei' s R&D teams at Huawei Global Headquarters in Shenzhen.
Two modern buildings house Huawei’ s R&D teams at Huawei Global Headquarters in Shenzhen. Image used with permission by copyright holder

The focus wasn’t on protecting the brand. And I think we were late to realizing that, at least in the U.S., as the war on terror became less interesting we needed to have a new enemy, and the focus was on China and cyber. Which doesn’t mean that’s not a legitimate focus! I mean, we’re hacking, they’re hacking, Russia’s hacking, Israel’s hacking, the whole world is hacking. We didn’t realize we were going to become a political football. Had we, ten years ago, been undoing a lot of the myth and innuendo, we wouldn’t be in the situation we are today. A good deal of my job, still, after three and a half years at this company, is cleaning up the misinformation.

What are some examples?

I would quibble with you about a couple of things in your article. If you can find a reference to “national champion” outside of the 2005 Rand report and the Bruce Gilley Far Eastern Economic Review article from 2000, let me know, because we still don’t know what “national champion” means. Even when our witness was testifying to the House Permanent Select Committee on Intelligence as part of their exercise – I hate to call it an investigation because that would require impartiality and some level of objectivity – but the witness even testified that we don’t even know what that means.

[The 2012 HPSCI report, 2005 Rand report and Bruce Gilley’s article from 2000 are available online.]

“These guys are engaged in an geopolitical game of chess, and market access for Huawei is a pawn on their side of the table.”

You mentioned pursestrings a couple of times. Look at a company like ours, we have relationships with just shy of 30 major commercial banks globally, I think all but eight of them are outside of China. We’ve got somewhere between $5 and $7 billion in outstanding debt and a credit line which is about $25 to $30 billion, all at market rates. We’ve got about $5 billion in employee capital through the employee stock ownership program.

We could go into a lot of depth on the ways the company finances itself, but one way it does not finance itself is with preferential loans or financing from the Chinese government. We do get some research grants – we also get research grants in Germany and we get research grants in other markets – but it’s a fraction of a fraction of a percent of revenue. That’s another one of these sort of urban myths that lives on and on.

Incidentally, [Huawei founder] Ren Zhengfei only owns about one point…I forget, if it’s 1.28 or 1.24 percent of the company. You had him as a major; he had no rank, but only because the PLA didn’t have ranks until after he’d been cashiered. It might be that after the fact someone has put together some sort of equivalency.

The House intelligence committee report in 2012 found no evidence of wrongdoing, but still came out negative.

The Rogers report, which you do make reference to, made some interesting noise about internal documents and cyber warfare units. But he demonstrated squat. “Purported violations of law?” As a former law enforcement agent, at the very least he should inform us so that we can clean up – if there is something to clean up – or go to the proper authorities. But just to throw that out there and then not substantiate it seems remarkably irresponsible.

We prepared – and never used – a fact-check document which goes to their report. We were going to put it out there, and we said, you know what, The Economist got it right when they called this thing a report for vegetarians. Pretty much everybody who has ever looked at it recognizes that it is vapid, and we decided not to even bother with correcting them.

[The Economist’s coverage of the HPSCI report is available online.]

Is that ‘protecting the brand?’

When the chairman or his friend Mr. Ruppersberger shake their fingers across the table at Huawei executives and say “If you want to do business in our country, you tell your government to stop hacking us,” that, right there, exposes all of this for what it is. These guys are engaged in an geopolitical game of chess, and market access for Huawei is a pawn on their side of the table. I understand geopolitics, but to hold a company hostage to hopefully compel a change in the behavior of the government where that company is headquartered is vain at best. Someone should be held accountable for that.

Huawei engineers at work.
Huawei engineers at work. Image used with permission by copyright holder

I think we were heading in a really good direction. We had the empty HPSCI report – empty, vapid, whatever – and everyone said, OK, let’s leave that thing behind. We had the President’s cybersecurity order that came at the beginning of the year that mandated the NIST study on supply chain. That was open for comment, and Huawei commented, sharing some of our best practices. It mandated industry standards that we can use to better secure our supply chains. Good stuff. We had secretary Kerry in China in spring meeting with his counterparts and the agreement to have a cyber agenda, and the meeting that took place in Washington in early July. Good stuff.

[The executive order on improving critical infrastructure cybersecurity was issued in February 2013; the NIST supply chain study was published in October 2012.]

So, everything was heading in the right direction until Snowden.

You mentioned accountability. Do you see that happening? Do you think this will come back to bite people with a political agenda?

There’s a monster cost to all of this. There’s a reason why Europeans pay one-third what we do for wireless broadband. This spring CTIA (the wireless industry association for the U.S.) put out this paper saying the U.S. invested 25 percent of the world’s network capital expenditures in five percent of the world’s subscribers. That’s $94 invested in networks per person, as opposed to $16 on average globally. And I’m like, what are you crowing about?! If that’s not a demonstration of the lack of competition in this market, I don’t know what is.

[The CTIA survey of U.S. wireless expenditures was published in May 2013.]

“Let’s stop discriminating based on geography. It doesn’t make sense, it’s not fixing anything.”

The elephant in the room is we’re giving up all of these potential benefits – investment and innovation and jobs and co-innovation and competition and affordable broadband – and threatening tens of thousands of Americans who owe their jobs to the companies that supply us. One third of all our inputs come from American companies. Qualcomm, Broadcom, Texas Instruments, Hewlett-Packard, Micron in Idaho, Andrew [Solutions] in Illinois, all of these hundreds of American companies, billions of dollars, are components going into our solutions. That was about $7 billion last year.

Now, as an American, I might be willing to have less investment, less employment, less competition, less affordable broadband, and sacrifice all this stuff if I’m going to have a more-secure network. But the remedy – blackballing a company by virtue of its flag of headquarters – not only doesn’t do squat to protect networks, but it actually creates a false sense of security by turning your blind eye to Cisco, Alcatel-Lucent, Nokia, Siemens, Ericsson, and others that are all coding and building in China. I mean, Alcatel-Lucent owns 50 percent plus one share in Shanghai Bell. The balance of Shanghai Bell is owned by multiple entities of the Chinese government.

Huawei is doing consumer products in the U.S., including handsets. Do you anticipate growing that business?

It is our fastest-growing business worldwide, and it has been a pretty good business for us here. It is the majority of our business here in the U.S. now.

Huawei W1: The company's first Windows Phone Device
Huawei W1: The company’s first Windows Phone Device Image used with permission by copyright holder

Huawei’s entry into the U.S. market in devices was the same as everyone else – except for Apple, no rules apply to Apple. This market is very unique in terms of the channel being almost 100 percent carrier. Europe is 50/50 carrier to open, Asia is probably 95 percent open, 5 percent carrier. Here, it’s 95 percent carrier, 5 percent open, so, really, you have to come in and pay your dues. So we came to the carriers with “Where do you have gaps in your portfolio that we can help?” And what we found early on was the gaps were in affordable smartphones. So, working with Metro PCS, working with Leap, working with some others, we starting bringing in Android-powered at sub-$100 unsubsidized.

So, devices is an area that we continue to grow globally, and we hope to continue to grow here. We probably have one of the richest portfolios in terms of range and lifestyle of any of the vendors, from entry-feature through affordable-smart to smart to uber-smart. Right now I think we’re between tablets, and we just launched the Windows Phone.

Do you anticipate getting into other product areas, like set-top boxes?

We have in other markets. We have pretty broad digital home portfolio. I don’t think we’ve ever brought any of the set-top stuff here. There may have been a time when it was proposed, but even the relationship we had with Cox was about their wireless venture.

Given the current state of the Huawei brand in the U.S., do you anticipate some of this stuff could be rebranded if it was brought to market?

When we first came to the US in 2001 we rebranded the company as Futurewei. That didn’t catch on, although the Futurewei organization still exists – it’s our R&D organization in the U.S. – but I don’t see that happening.

Where does Huawei go from here in the United States?

Huawei is a world-proven, world-trusted company in markets that are being rational. We share a common goal with our industry peers and, I think, with most governments (including this one!) that we need to do a better job of securing networks from ideation through end-of-life. It’s got to be across that spectrum. It’s how you hire people. It’s how you track your code.

Let’s look at this rationally. What do we need to achieve here? We want to have competition. Then we need to get rid of trade barriers. OK, but we need to face a trust issue. How do we manage the trust issue? We set a bar that everybody has to meet, then we can trust everybody and our networks will be more secure.

Maybe this is where Snowden has done us all a favor. It’s like, OK, everything is potentially comprisable. Accept that. Now, let’s stop playing games about geography. Let’s stop discriminating based on geography. It doesn’t make sense, it’s not fixing anything, let’s focus on the fixes. Let’s talk about real solutions.

Top image courtesy of Elnur/Shutterstock

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
We’re into 2021 and the Ticwatch Pro 3 still has no competition in Wear OS world
revisiting the mobvoi ticwatch pro 3 lte dial

The Qualcomm Snapdragon Wear 4100 processor was announced in June 2020, and the first watch to use the chip, the Mobvoi Ticwatch Pro 3, arrived in late September. I say, “first,” but it also remains the only Wear OS smartwatch to use the new Qualcomm chip. All other Wear OS watches released recently, frustratingly, still use the old Snapdragon Wear 3100 chip.

Mobvoi has even brought out a 4G LTE version of the Ticwatch Pro 3 during this time, and as I was taking a closer look at this model, it seemed like the ideal time to revisit the Ticwatch 3 Pro as a whole. Is it really still the best Wear OS smartwatch you can buy? And just how much are we missing out on with it being the only available Snapdragon Wear 4100 watch?
The battery. Oh, the battery
Yes, the Ticwatch Pro 3 is the best Wear OS smartwatch you can buy at the moment. Not solely because it has the Snapdragon Wear 4100 inside, but because of what it and other optimizations do for the battery life. It's stellar. I wore the Ticwatch Pro 3 for five days, turning it off overnight and with only basic functions enabled, and the battery still had more than 10% remaining at the end of that time. I didn’t have the heart rate sensor active all the time, but it did still receive notifications from my phone, tracked workouts, and stayed connected to Wi-Fi.

Read more
We’re well past the point where Apple should have multi-user support on the iPad
apple ipad pro 2020 six month review 2 1

Apple has been trying to position the iPad as a productivity machine for years now, and it's working. With iPadOS, accessories like the Magic Keyboard, and support for desktop browsing, the iPad has become a viable replacement for a laptop -- and I actually use an iPad Pro instead of a laptop now. But there's one major piece missing from this puzzle: Multi-user support.

I get it. Apple wants everyone who wants to use an iPad to buy their own. But the fact is that not everyone wants to, or can afford to, have multiple iPads in their home. But these people should still be able to get the great tablet experience the iPad offers.
What's a computer?
If Apple really wants users to adopt the iPad as a computer, then adding multi-user support to the iPad isn't just helpful, it's necessary. That's true now more than ever. 2020 was the year of remote learning and remote working, and that means that we're all reliant on our mobile devices. Desktops, laptops, and tablets are pulling double (or triple) duty for multiple tasks and multiple people. That's likely to continue regardless of the pandemic's length, and many expect that remote working will continue to grow in popularity.

Read more
China’s new data security initiative urges tech firms to not install backdoors
digital trends live episode 437 106619142 15949038932020 07 16t045305z 1572845887 rc24uh9n1ig1 rtrmadp 0 usa legislation tikt

China is addressing the growing global concerns and pushback against Chinese tech companies with a set of new data security standards. The country has announced (via CNBC) a new global initiative that outlines principles urging participants to respect other governments’ sovereignty in how they handle data.

In the last year, Chinese tech firms that have gone viral overseas such as TikTok and PUBG Mobile have been accused of unlawfully siphoning up user data and sharing it with the Chinese government. While China has repeatedly denied these accusations, it’s hoping to explicitly put such concerns to rest with this new global security initiative. It’s not a law, however, and only the tech companies that sign up for it will be required to follow the principles.

Read more