Did Huawei Really Steal?
Is the US right to have security concerns?
By now most of us have already seen the news of the US Commerce Department extending sanctions against Huawei while adding further conditions to the company. Ever since the original blacklisting back in May 2019, the US was adamant about the existing security concerns with Huawei. But what exactly are these security concerns? Did Huawei steal tech? More importantly, why is the US so keen on strangling the Chinese tech giant?
A questionable past
Now, the US is coming after the company mainly because its 5G initiatives will give Huawei an upper hand in the technology game. America is like that grumpy kid who threw a tantrum because he didn’t get the toy he likes. Now that kid doesn’t want anybody else to have that toy either.
But the allegations against Huawei are not completely unfounded. In fact, the Chinese tech giant has a very questionable past.
The first notable incident goes back to 2003. Cisco sued Huawei accusing the company of stealing Cisco’s router technology. An excerpt from Cisco’s motion for a preliminary injunction against Huawei read, “Defendants[Huawei] have engaged in what amounts to theft of Cisco’s intellectual property by misappropriating and copying Cisco’s source code, duplicating Cisco’s user interface, and plagiarizing extensively from Cisco’s user manuals.”
By 2004 the case was settled and Huawei removed the code in question. The company also admitted that it copied code from Cisco. Although Huawei claimed that the particular section was less than 2% of the 1.5 million lines of code.
In the same year, Fujitsu Network Communications pointed the finger at Huawei. The company had caught one of Huawei’s employees allegedly trying to nab information off a rival product at the SuperComm trade show. The individual Yi Bin Zhu was found to have removed the casing from a $1 million networking gear. Zhu had proceeded to photograph the circuit boards and diagram other suppliers’ networking gear.
Six years later, Motorola sued Huawei over allegedly misappropriating trade secrets. In the complaint, Motorola claimed that five of its former employees have been sharing trade secrets with Lemko, a wireless technology competitor at the time. Later, Motorola amended the complaint accusing the defendants (Lemko and the former employees) have been working with Huawei.
Furthermore, the complaint read that “there is at least part of an email chain that has been recovered that confirms that Defendant Shaowei Pan, at Huawei’s request, transmitted proprietary and confidential Motorola specifications for the Motorola SC300 base station to Ren Zhengfei and JinLong Hou, Huawei’s vice president of wireless communications, in March 2003 and that a meeting and an agreement for the transfer of Motorola proprietary information did, in fact, take place in Beijing during the China trip in February-March 2003.”
By 2011, Huawei filed a lawsuit to prevent Motorola from giving its IP information to Nokia Seimens. At the time Nokia Seimens was to acquire Motorola’s wireless network. This meant that some of Huawei’s IP would have gone to Nokia Seimens owing to a previous licensing arrangement between the Chinese company and Motorola.
A few months after Huawei’s lawsuit, both companies issued a joint statement. It stated that both companies have settled the lawsuits. As such, Motorola agreed to pay a fee to Huawei as compensation for allowing Nokia to use the IP in question. Similarly, Motorola also agreed to drop the charges against Huawei.
In the same year, Huawei sued ZTE in Germany, France, and Hungary. Huawei claimed that ZTE had infringed some of its patents pertaining to data cards and LTE. The company also claimed that ZTE had illegally used a Huawei-registered trademark on some of its data card products. The following day, ZTE counter-sued Huawei in China for LTE patent infringement.
The Nortel story is another incident that attracted a lot of bad press for the Chinese tech giant. Before its demise, Nortel was once a major player in the telecommunications sector. But it was plagued with numerous issues since the dotcom bust. Among them was alleged decade-long hacking into its systems, traced back to China. However, few believe that these link all the way to Huawei itself. Why? Because only a Nortel competitor would benefit from the stolen sensitive information.
Furthermore, few believe that Huawei’s rise to world telecommunications superpower status while Nortel was heading the other direction, is no coincidence. However, the actual turn of events is a bit complicated.
This has been the case for Huawei throughout its history. Over the years, there’s been a lot of finger-pointing at Huawei from companies, governments, and personnel all around the world. A few others in the list,
- US federal investigators accused Huawei of stealing glass technology from an American startup, Akhan Semiconductor.
- Huawei sued CNEX (co-founded by a former Huawei employee) claiming the startup used its patents to build its solid-state drive technology. CNEX counter-sued stating that Huawei had misappropriated its tech.
- In 2014, T-Mobile sued Huawei claiming the company stole tech from its Bellevue, Washington headquarters. The lawsuit accused Huawei employees snuck into a T-Mobile lab and stole part of Tappy, a smartphone testing robot. In 2017, a US jury ordered Huawei to pay $4.8 million in damages. Huawei responded by arguing that Tappy was not a trade secret and it was not even made by T-Mobile.
- In 2019, a Canadian IT Engineer residing in Taiwan reported his Huawei Mediapad M5 has been spying on him via apps on the device. Few weeks before the reported incident, a Huawei P30 Pro was discovered to be querying servers in China.
- A Huawei employee was arrested in Poland over spying charges.
But perhaps things started escalating for Huawei when Vodafone found backdoors to its products.
The case of the Italian backdoor
Last year, Vodafone acknowledged it discovered backdoors in several Huawei equipment during the 2009 — 2011 period. The discovered backdoors would have given Huawei unauthorized access to Vodafone’s fixed-line network in Italy. By 2011, Vodafone asked Huawei to remove the backdoors from home internet routers and the company reassured the issues were resolved. However, further testing revealed that security vulnerabilities continued to be intact.
Evidently the two companies worked to patch the vulnerabilities. Vodafone claims that it found no evidence of any data compromise. A year later, Vodafone also found vulnerabilities in Huawei-supplied broadband network gateways in Italy. According to Bloomberg, Huawei issued a statement mentioned that the company was made aware of the issues from 2011 and 2012 and that they were addressed accordingly.
There is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment. — Huawei
But upon a closer look, there are still concerning questions from the turn of events. In 2011, an independent security testing found a telnet backdoor. This would essentially give unauthorized access to Vodafone’s Wide Area Network. As mentioned in Bloomberg, “The telnet had “undocumented functionality inserted by Huawei without notifying Vodafone,” including a “hidden Telnet daemon” program.” Anyone aware of this backdoor could gain administrative privileges to the routers.
Router manufacturers sometimes use telnet as a means of managing equipment. Its an industry practice, but Vodafone states that this was not. Vodafone requested this to be removed, Huawei claims they did so afterward. But Vodafone found that the telnet service still exists. Later, it was reported that Huawei refused to fully remove telnet access owing to a manufacturing requirement.
To be fair, backdoors are not a new thing. These can be common in network equipment as backdoors would allow developers to manage them. At the same time, these would leave systems vulnerable to attackers. According to Stefano Zanero, an associate professor of computer security at Politecnico di Milano University, “There’s no specific way to tell that something is a backdoor and most backdoors would be designed to look like a mistake.”
Unfortunately for Huawei, its political background raises concerns. The company’s conduct in response to this backdoor scenario did not help.
“What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it, and now refusing to remove it as they need it to remain for ‘quality’ purposes.”- Former Vodafone Chief Information Security Officer, Bryan Littlefair
The discussion of potential security risks from Huawei resurfaced in 2019 with 5G taking the spotlight. Huawei provides the bulk of the 5G infrastructure in Europe. But telecom operators like Vodafone have become so reliant on Huawei as a supplier that its impractical to go for alternatives. That being said, it hasn’t stopped countries around the world from questioning the Chinese tech giant.
The US and the 5G conundrum
Huawei’s current 5G problems are largely due to the United States’ aggressive efforts in light of the US-China trade war. The United States has been raising security concerns for more than a decade. One of the main concerns is the company’s military links. Huawei’s founder Ren Zhengfei, served as an engineer for the Army in the 1980’s. Due to this, some suspect that the company still maintains close links with the Chinese government.
In 2012, a committee issued a report against Huawei and ZTE. The report accused the 2 companies of being arms of the Chinese government. It also claimed that Huawei and ZTE had stolen IP from American companies. According to The New York Times, the committee had gained access to internal documents via former Huawei employees. These documents allegedly revealed that Huawei supplied services to a cyberwarfare unit in the People’s Liberation Army in China.
Fast forward to 2019, Huawei is leading the charge in kicking off 5G in many countries around the world. But the United States has been citing security concerns of doing business with Huawei for over a decade. With the advent of launching 5G, the US double-downed on the charges.
As tensions between the US and China built up, the US Commerce Department placed Huawei on an entity list. By May 2019, Huawei was banned from the US and American companies were prohibited from conducting business with the tech giant. Following this, several governments took caution in dealing with Huawei. The UK government for instance, dialed back on the country’s 5G deployment plan.
By February 2020, the UK government announced that it will only allow Huawei a limited role in deploying 5G in the country. However, now it seems like Huawei might be completely kept out.
The same month, a superseding indictment made new allegations against the company. It alleges that Huawei managed to successfully steal IP for decades. Additionally, claims were also made that the company was engaged in covert efforts in shipping goods and services to Iran and North Korea.
Is the US right to fear Huawei?
There’s no easy answer. Huawei’s checkered past does raise a lot of questions. Furthermore, even if by all accounts Huawei is on the right side of things, there’s the Chinese government’s “National Intelligence Law”. This states that if asked, all Chinese companies and citizens are to assist the government in national intelligence efforts.
In a scenario where Huawei supplies 5G facilities to a particular country/region, the Chinese government could potentially exploit the situation. Accusations aside, this fact alone instills fear in other countries, particularly the US.
To be fair, the US does not have the moral high ground either. Reports suggest that the American authorities might have been doing their own spying as well.
All in all, the allegations against the tech giant are not mere fingerpointing. Given Huawei’s history, these questions around security and intellectual property theft will not go away anytime soon.
Then again, not everything is black and white. It's always wise to take everything with a grain of salt.