Australian cybersecurity experts spent eight months trying to find a way to secure Huawei equipment but concluded they could not prevent it being shut down on Beijing's orders, according to revelations in a new book.
Yet even that could not guarantee network safety and they advised that the risk could not be contained, according to the book by Sydney Morning Herald journalist Peter Hartcher.
Australia's formal ban on Huawei of 2018 was the first by any country and still rankles with Beijing, which has placed it high on its list of 14 grievances against Australia.
Underlying the specific problems around the risks were two larger factors.
First was China's 2017 National Intelligence Law, which requires all Chinese companies and citizens to comply with security agencies on intelligence matters.
At one level this hardly matters. There is little chance any Chinese person or company would reject a request for assistance on security matters.
But critics point out the law really codifies the government view that intelligence-gathering is an obligation of every Chinese citizen, like paying taxes. It is not just a legal requirement, it is expected of them.
The second factor is the anticipated role of 5G as an enabler of massive IoT.
"It's not about the interception of telephone calls. We've got that problem with 4G, we had it with 3G," an unnamed senior ASD official told the author.
Control over a 5G network would mean that vast parts of the national infrastructure would be vulnerable.
"The sewerage pump stops working. Clean water doesn't come to you. You can imagine the social implications of that. Or the public transport network doesn't work. Or electric cars that are self-driving don't work," the intelligence officer said.
The 5G network would be "number one on our critical infrastructure list in need of protection once it's fully operational."
That view had always been implied, but this is the first time a Western intelligence official has put it so clearly.
The China 5G threat is not about "backdoors" as was claimed for so long but about 5G's role as a critical digital enabler.
The then-prime minister, Malcolm Turnbull, a successful businessman and tech investor, took a hands-on role in the decision. His starting point was to see if the risks of a Chinese-designed and -built 5G network could be managed effectively.
In what is surely a first for a national leader, he even bought and absorbed the contents of a 500-page book called A Comprehensive Guide to 5G Security.
The ASD set up a red-versus-blue war game over eight months and compiled a spreadsheet of 300 risks and possible mitigations. These included, for example, "full and sole access to the source code, updates being done in Australia only, and full access to hardware schematics."
But they determined these would not be enough. The problem lay not in the specific threats but in knowledge of the system design. As the intelligence officer explained: "It's the control of the design that gives you zero cost of entry."
"If I want to understand how to break in, I don't have to break in. I just look at the blueprints – I understand the software, I know how it works ... That allows me to gain access, to switch things off, and that disrupts the country – elements of it, or the whole country. That's why you've got to be concerned."
As the New York Times reported, in one of the very last acts of his prime ministership, Turnbull announced the ban on Chinese vendors on August 22, 2018.
— Robert Clark, contributing editor, special to Light Reading