the “Cyber Security Evaluation Centre” set up [in Banbury, UK] by Huawei, a Chinese telecoms giant, in 2010 marks a new way of persuading purchasers, and the British government, that equipment from the manufacturer that runs it can be trusted.
It operates in close co-operation with GCHQ, Britain’s signals-intelligence agency, located conveniently just over the Cotswolds in Cheltenham. Its security-cleared staff, some of whom used to work for GCHQ, are responsible for making sure that the networking equipment and software that the Chinese firm wishes to sell to British telecoms companies are reliable, will only do what customers want them to do and cannot be exploited by cybercriminals or foreign spies—including Chinese ones.
Over the past ten years or so, Chinese telecoms firms such as Huawei and ZTE, another telecoms-equipment provider, have expanded from their vast home market to become global players. This is a worry not just for the rich-world incumbents under threat but also for those responsible for the integrity of critical infrastructure such as phone systems.
They fear that the companies’ networking gear and software could be used by China’s spooks to eavesdrop on sensitive communications, or that it might contain “kill switches” which would allow China to disable the systems involved in the event of a conflict. “I think it’s ridiculous to allow a Chinese company with connections to the Chinese government and the People’s Liberation Army (PLA) to have access to a network,” says Dmitri Alperovitch of CrowdStrike, a web-security outfit.