Security Experts:

House to Investigate Threat Posed by Chinese-owned Telecoms

Security Concerns over Chinese-owned telecommunications companies

On Thursday, Rep. Mike Rogers, the Chairman of the House Intelligence Committee, announced that the House Permanent Select Committee on Intelligence (HPSCI) had opened an investigation into the threat posed by Chinese-owned telecommunications companies working in the U.S.

Earlier this year, the committee staff was instructed to looking the threat posed by Chinese-owned telecoms operating state side, and after several meetings, briefings, and studies conducted by the intelligence community and private sector, “this preliminary review suggests that the threat to the supply chain constitutes a rising national security concern of the highest priority,” Rep. Rogers’ office said in a statement.

“This investigation will review the extent to which these companies provide the Chinese government an opportunity for greater foreign espionage, threaten our critical infrastructure, and further the opportunity for Chinese economic espionage.”

The committee will also look into whether the United States government (including the intelligence services) are appropriately focused on discovering “the full scope of the Chinese threat” and working on creating mitigation measures to ensure telecom security nationwide.

“The fact that our critical infrastructure could be used against us is of serious concern,” said Chairman Rogers.

“We are looking at the overall infrastructure threat and Huawei happens to be the 800 pound gorilla in the room, but there are other companies that will be included in the investigation as well. As the formal investigation begins, I stand by my caution to the American business community about engaging Huawei technology until we can fully determine their motives,” said Rogers.

Leading the investigation are Chairman Rogers, a former FBI special agent, and C.A. “Dutch” Ruppersberger, a ranking member and former prosecutor, who agree the investigation “must be allowed to go where it leads.”

Part of the assessment will include collecting information from relevant telecommunications providers, as well as information from private-sector telecommunications security experts. They also plan to conduct interviews with key U.S. government officials, Rep. Rogers’ office added, as well as hold hearings and briefings to uncover “...what these Chinese companies are capable of doing and how our intelligence community could be better focused on this threat.”

“We already know the Chinese are aggressively hacking into our nation’s networks, threatening our critical infrastructure and stealing secrets worth millions of dollars in intellectual property from American companies...The same way hacking can be a threat; vulnerabilities can derive from compromised hardware on which our telecommunications industry rely. The purpose of this investigation is to determine to what extent Chinese communications companies are exploiting the global supply chain and how we can mitigate this threat to our national and economic security,” said Ruppersberger.

Last month, it was reported that Huawei was blocked from participating in a government bid to build a national wireless network for first responders, with the reasoning given being national security concerns. A Pentagon report on the Chinese military singles out Huawei as a company that maintains “close ties” to the People’s Liberation Army.

“Given that to the best of Huawei’s knowledge neither the Commerce Department nor any other agency of the U.S. government has conducted any audits of our equipment, such a determination seems utterly capricious,” William Plummer, Huawei’s vice president for external relations commented, when asked about the bid.

Just last week, Symantec announced that it would sell its 49% stake in Huawei Symantec Technologies, a Hong Kong-based joint venture established by Huawei and Symantec in 2008.

“Due to our heritage in China - where all of our competitors also conduct R&D and code software and build solutions - Huawei’s business activities in the U.S. have been repeatedly and unfairly challenged due to vague supposed security concerns that have never been substantiated.”

Related Reading: Students Develop Techniques to Keep Malware Out of the Electronics Supply Chain

Related Reading: Attacks on Mobile and Embedded Systems: Current Trends

Related Reading: Security Focus on Consumer Electronics w/ Free Software Trial

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.