Huawei, hacking, and the stench of western hypocrisy

An Edinburgh-based company engaged in an innovative wave-energy project was the target of a mysterious break-in in 2011. Stolen from its office were laptops containing details of a prototype named Pelamis.

The break-in took place two months after a visit to the company by a 60-strong delegation led by China’s then vice-premier. It was not an opportunistic theft. Burglars scaled a perimeter fence, broke through the front door and went straight to the Pelamis office. Four years later a near-perfect copy of Pelamis called Hailong (Dragon) 1 appeared in the South China Sea.

I investigated this in 2016 while defence and intelligence correspondent for the Guardian, after a whistleblower got in touch through encrypted chat. Although the Chinese government denied any involvement, it has form where the theft of industrial secrets is concerned. Reports have piled up of Chinese covert operations, from crude break-ins to sophisticated hacking, targeting industrial, military and state secrets.

So it is no surprise the US and UK intelligence agencies express unease over Chinese telecoms giant Huawei. The US argues it is madness to allow a Chinese company to build 5G broadband networks around the world, including in the UK.

Part of the US motivation is economic: Huawei is winning bids from US tech rivals. But the UK intelligence agencies share worries about letting Huawei in. The government is divided, as demonstrated by the leak from the National Security Council (NSC) that resulted in the sacking of defence secretary Gavin Williamson. While the NSC backed allowing Huwaei limited access, several cabinet ministers—including Williamson—were opposed.

Yet there is a missing chunk in the debate so far over Huawei. The US and UK intelligence agencies give a vague impression that spying is one-way traffic—as if leaks by the US National Security Agency (NSA) whistle-blower Edward Snowden in 2013 never happened. In truth, these showed that the UK and US are as guilty of spying as anyone.

Huawei has not forgotten. Snowden was cited in April this year by the firm’s chief security officer, John Suffolk, in response to criticism from the US that Huawei poses a security threat. “Snowden revealed all kind of things going on with American technology,” he said. “No one has revealed anything that we do [is bad].”

Suffolk—who was once the UK government’s chief IT adviser—has a point. Snowden’s documents showed the US and UK engaged in mass surveillance, sucking up the world’s communications on an extraordinary scale, targeting not only rivals but allies and their own citizens. I was one of the journalists who met Snowden in Hong Kong where he handed over tens of thousands of classified documents. He had been based in Hawaii, the NSA’s main base for hacking into China.

Snowden has stayed out of the Huawei controversy. But many of the documents he leaked are relevant. One shows pictures of the NSA apparently intercepting computer network devices from US technology company Cisco, bound for China. Having intercepted the shipment, the NSA appears to install surveillance devices. Cisco is adamant it had no knowledge of this.

The US criticism of Huawei is based on the assumption that allowing a Chinese company to build your broadband network leaves you uniquely vulnerable. But the Cisco document, and others in the Snowden cache, undermine this by showing there are myriad ways in which to mount surveillance on individuals, companies and states—many of them used by the western authorities.

The other charge against Huawei is that it is not independent of the Chinese state. But the US tech and communications companies are not entirely independent of the US government. The Prism programme, revealed by Snowden, showed how big communications companies handed over private data to the NSA. The companies insisted they legally had to comply.

There was justified global outrage, especially in Europe, when it was realised the US tech companies had been secretly handing over private data. What should be just as troubling is the NSA did not even need their co-operation: the agency helped itself anyway through backdoor vulnerabilities.

One of many examples of double standards is the Snowden disclosure about the US and UK tapping the transatlantic fibre-optic cables carrying much of the world’s communications. GCHQ has a base in Cornwall monitoring this traffic. There was no sense of irony when Britain’s air chief marshal Stuart Peach warned in 2017 of a threat posed by Russian spy ships stationed near the cables.

The US and UK would rightly feel aggrieved at any suggestion of moral equivalence with China and Russia, with their abysmal human rights records and lack of rule of law. But it is hypocritical to express concern about Russian and Chinese spying while playing down your own activities. This is especially true when the capabilities of the US and UK far exceed those of their rivals. They are years ahead of China and Russia—and since Snowden have developed even smarter surveillance programmes, to replace those compromised by his leaks.

There is no likelihood that China will rein in its spying activities and relentless theft of industrial secrets any time soon. Nor is there any chance of the US and UK scaling back their own surveillance activities.