Huawei this week appeared to defend itself against criticism from members of the US Congress who have questioned the company's dealings with Iran.
The Chinese maker of smartphones and other telecommunications equipment released a 24-page white paper on cybersecurity written by its global security officer, the former UK chief information officer John Suffolk, in which Huawei argued that global networking that connects "different regions" and "different cultures" ultimately works to "advance ... the progress of human civilization."
Though the report did not specifically refer to allegations made against Huawei, Suffolk made a point to note that "protecting the network security of our customers is in line with Huawei's fundamental interests." The paper also referred to the Stuxnet virus, commonly believed to have been developed and deployed by the US or a US ally to disrupt Iran's nuclear enrichment program, as leading to a "cyber race to the bottom of the pit and the return of the Wild West."
Huawei, along with fellow Chinese tech firm ZTE, has in recent months faced sharp scrutiny from members of Congress with regards to its dealings with Iran, a country subject to US economic sanctions that penalise foreign companies doing business with it.
But Suffolk's report questioned the very notion of "foreign developed" technology in a globalised world where large US tech companies themselves run R&D and manufacturing operations in China, India, and elsewhere.
"[T]he concept of 'foreign-developed' in today's globally intertwined world is meaningless just as the notion that companies or products from one part of the globe can be trusted more than companies or products from another part of the globe. You have to wonder whether this thinking is any more than trade protectionism masquerading as national security," he wrote
Though US legislators last year called on the Treasury Department to investigate Huawei and ZTE, it is the latter company that has been the focal point in recent months.
In July, more than a dozen US lawmakers penned a letter urging Treasury Secretary Timothy Geithner to investigate ZTE for allegedly supplying Iran's largest telecom provider with surveillance equipment and US-made technology banned from sale to Iran under current US sanctions against the country.
ZTE, also under scrutiny in recent months for puzzling security holes present in some of its consumer products sold in the US, is alleged to have sold or contracted to sell embargoed computer software and equipment made by Microsoft, Hewlett-Packard, Oracle, Cisco, Dell, Juniper, and Symantec to the Telecommunication Company of Iran (TCI).
The signatories also alleged that the Shenzhen, China-based company, in further violation of US sanctions against Iran, sold TCI "surveillance technologies that would allow TCI the ability to monitor all mobile, landline, and Internet communications throughout Iran."
The letter describes TCI as an Iranian "government-controlled entity," though technically, the company was privatised in the latter half of the last decade and had an initial public offering in 2009. However, the majority shareholder in TCI is an entity called the Mobin Trust Consortium (MTC), which is run by the Army of the Guardians of the Islamic Revolution, a branch of the Iranian military that reportedly focuses on quashing internal dissidence and military uprisings.
Huawei's cybersecurity white paper has already been met with scepticism from analysts in the US. As we included in yesterday's Security Roundup, prominent security commentator Jeffrey Carr says Suffolk's report fails to deal with a lot of concerns he, and others, have about the company.