Huawei, the Chinese telecom equipment company that officials in the United States and other countries have deemed a national security threat, is taking steps to clean up its act. Or, rather, its coding.
The company is sending a team of engineers to visit Felix Lindner, a former hacker in Germany who has publically criticized Huawei products, pointing out vulnerabilities in products, from inexpensive Internet devices for the home to multimillion dollar equipment.
Reuters reported the development Oct. 31, after speaking with John Suffolk, Huawei’s global cyber-security chief, at a cyber-security conference in India. Suffolk said he was attending the conference to hear what Lindner might say about Huawei, and that while Lindner’s comments can feel like a “slap in the face,” sometimes such wake-up calls are necessary.
“Sometimes you need a bit of a slap in the face to step back, not be emotive in your response, and say, ‘What do I systematically need to change so over time any of these issues begin to reduce,'” Suffolk told Reuters.
He added, “I can fix the Felix issue in a few lines of code. But I’m interested in systemic change within Huawei.”
The U.S. House Intelligence Committee released a report Oct. 8, following an 11-month investigation, warning U.S. companies in “sensitive” industries—from electric power grids to finance systems to gas, oil and water systems—not to do business with Huawei, as it poses a potential risk to U.S. security. ZTE, another China-based telecom equipment company, was also included in the warning.
“Any bug, beacon, or backdoor put into our critical systems could allow for a catastrophic and devastating domino effect of failures throughout our networks,” the committee wrote in the extensive report.
It continued, “We have serious concerns about Huawei and ZTE, and their connection to the communist government of China. China is known to be the major perpetrator of cyber-espionage, and Huawei and ZTE failed to alleviate serious concerns throughout this important investigation.”
Again suggesting Huawei’s desire to clear its name, the investigation was started at the company’s prompting—a fact that left the committee confused and frustrated when members said that Huawei was unforthcoming with information and unwilling to explain its relationship with the Chinese government or the Chinese Communist Party.
Fears of Huawei’s connection to the Chinese government have additionally kindled from the fact that Huawei CEO and founder Ren Zhengfei is a former Chinese military officer with links to government officials.
In another effort to move past such suspicions, Huawei set up a center in the U.K. where its products can be tested, and earlier this month announced plans to do the same in Australia.
John Lord, chairman of Huawei’s Australian business, explained to Australia’s Press Club Oct. 24 that as a business-to-business company, Huawei hadn’t grasped the need to sell itself to the public.
“Huawei has done a very poor job of communicating about ourselves, and we must take full responsibility for that,” said Lord.
As for the findings of former hacker Lindner, wrote Reuters, he said he’d found “no deliberate backdoors in the software” offering a way for the products to allow for spying, but that problem was simply “poorly written” software that left the devices vulnerable to attacks.