There is increasing focus on the use of Chinese equipment in telecommunications networks in the West and associated security threats. It is a threat which has been described at least since 2005 by military intelligence in the “Five Eyes” countries, the USA, the UK, Canada, Australia, and New Zealand. In 2018, Huawei invited political scrutiny in the process when operators began to upgrade their 2G/3G/4G mobile networks to a combination of 4G and 5G.
In any event, people, machines, and devices connect digitally, and society increasingly depends on the Internet. In the race to realize this digital society, there has been limited scrutiny to China’s role across the information technology supply chain. While intelligence agencies and security analysts around the world have highlighted the technological threats, the appetite for products and services made from companies with connections to the Chinese government and military grows.
It is rational to investigate the security and resilience of the products and services we use. Given the interconnected nature of digital technologies, it is not just the networks themselves that are in question, but the devices attached to them and the services that run across them. Strand Consult believes that this debate is more complex than the role of a single company or technology and published this research note The debate about network security is more complex than Huawei. Look at Lenovo laptops and servers and the many other devices connected to the internet.
To help make sense of these and related issues, Strand Consult has launched ChinaTechThreat.com for the following reasons:
- Cybersecurity is increasingly important and demands greater attention. Many political leaders do not give it the attention it deserves, frittering away valuable time and resources to promote self-serving political issues while ignoring real technological threats.
- The focus on network equipment alone is too simplistic. In a connected world, threats can emerge from any point in the supply chain, whether the backbone, connected device, of app/service software.
- Lawmakers and regulators fail to incorporate sufficiently the security implications of their policies, unwittingly putting consumers at greater risk by limiting the ability of firms to respond to and secure their networks, products, and services from cybersecurity threats and reducing their ability to invest in research and development. Just look at how European telecom regulation has reduced Europe’s once booming research & development sector for ICT and hundreds of thousands of jobs. European authorities pursued this strategy with the idea of driving down prices for communications technologies because they believed it be good for consumers. This short-sighted strategy robbed the European Union of important technical competences, competitiveness, and employment. Ironically consumers are now at risk from surveillance, espionage, and sabotage by Chinese-made technology.
- Just as the financial sector has incurred huge costs for managing regulatory compliance around the world, the telecommunications sector will be hit by similar costs to ensure the security of networks, products, and services.
- Just as governments require online platforms to monitor and remove certain kinds of content, governments will require ICT providers to police networks for cybersecurity threats.
- ICT providers are expected to bear an increased burden and costs to address the security threats but do not necessarily receive political support. Moreover these demands may conflict with other laws and policies.
- It costs real money to build resilience into products and services, and it is important to have an transparent discussion about the costs and tradeoffs for cybersecurity with other political goals.
While cyber threats stem from many countries, the overwhelming perpetrator is China. It is important to focus on China because
- Information technology equipment is largely developed and manufactured in China
- Western companies working in and with China operate under unfair and unsafe conditions, if not illegal per international treaties. Notably Chinese companies receive far better treatment in the West than Western companies receive in China.
- The process to review the safety and security of IT products and services is insufficient, and even if with increased resources, it will be impossible to detect all the threats.
- The Chinese government and their associated entities conduct business with a set of practices antithetical to Western laws and norms of free and fair competition.
- Fortunately, efforts to address Chinese security threats will also strengthen the ability of nations and firms to protect against threats from other countries.
This website gathers Strand Consult’s research on the topic and related materials from other experts to better understand this complex issue and to bring transparency to its drivers.
John Strand is telecom industry veteran. For more than 24 years, he has advised the leaders of telecommunications, media and major telecoms players around the world. He is one of the best-known consultants in the business. Anyone who has met John Strand knows that he always speaks his opinion. Being honest – and giving his honest opinion on current issues in the mobile industry has become John’s trademark – even when it means being controversial or treading on a toe or two.
The fact that John works in an industry that loves to hype new products and services is no secret, on the other hand John is the first to object. Hype simply does not work on John. He is quick to cut through the BS and use facts to specify the difference between hype and what will happen in the real world.
Together with his team of analysts, John Strand has a unique ability to predict the future of the Telecom industry and the other industries that this exciting business is converging with. Many people are naturally skeptical about fortune-tellers – John Strand’s attitude is that people should not judge him on what he is predicting about the future, but rather on what he previously predicted would happen today. Read more here: http://understandingmobile.com/
Roslyn Layton, PhD co-founded ChinaTechThreat.com to improve security policy and to protect Americans from malign technology produced by firms owned and affiliated with the People’s Republic of China. She is Senior Vice President at Strand Consult and visiting researcher at Aalborg University’s Department of Electronic Systems. Dr. Layton focuses on evidence-based policy and regulation for the information, communications, and digital technology industries.
She serves as the Program Committee Co-Chair for the Telecom Policy Research Conference and is a Senior Contributor to Forbes.
Dr. Layton served on the President Elect Transition Team for the Federal Communications Commission (FCC). She has a Ph.D. in business economics from Aalborg University, an M.B.A. from the Rotterdam School of Management (Netherlands), and a B.A. in international service from American University.