18-06-2020 | | By Robin Mitchell
China has been the centre of worldwide manufacturing for decades, and with China beginning to develop their products as well as shifting towards the service industry should the rest of the world embrace this? Why are countries hesitant to allow China to provide 5G hardware and networking solutions?
Since WW2, China has continuously been developing as a nation increasing its influence on the world as global manufacture of low-cost goods. Now regarded as one of the worlds largest economies, China is now looking towards the development of original solutions as well as being a technological leader. This is evident with one of their largest mobile technology companies, Huawei, who claim to be years ahead in 5G technology than any other country. Under normal circumstances, other countries would be quick to license the technology to keep up with the ever-changing world, but not in this case. There has been a strong move with many nations around the world, including the UK, USA, and India to either reduce their reliance on Chinese technology or altogether avoid it. What would cause countries such great concern?
While it can be argued that most, if not all, countries around the world have government departments and organisations with shady practices (KGB, MI6, CIA), China is a country that stands out from the rest. The government that rules in China, the Communist Party of China, has an obsessive nature of control which is evident with the requirement that all companies in China have a communist party commission. The purpose of this commission is to ensure that the company operates in the interest of the government from employee behaviour to investment decisions. This level of control is amplified when all companies in China, by law, are required to take orders and direction from the government if needed.
To make matters worse, China has a long history of industrial espionage and intellectual theft. While China is the manufacturing centre of the world, many designs that are sent to be manufactured will often be copied and reproduced in a cheaper product alternative. This has substantial consequences on companies in the west who invest millions into new product design and research; only to have the profits diverted from them into a cheaper, often inferior product. But intellectual theft is being dealt with by world leaders using trade wars to incentivise the Chinese government to respect patients. So, if intellectual theft is being dealt with, why are governments reducing or removing original Chinese technology from their supply chains and public services?
In the past decade, there have been multiple instances of Chinese organisations spying through the use of their technological services or with the use of physical hardware attacks. The first example of this was the discovery of a surveillance IC integrated into server boards used for handling video content on large datacentres such as those found in Amazon, Microsoft, and Google. The discovery was made when Amazon requested that a third-party security company analyse their security. Upon examining the PCBs, a tiny chip was discovered that was not a part of the original motherboard design. The chip was designed to look like a CPU filter with only a few pins, but the device contained a microprocessor and some basic instructions. When activated, the chip can alter the operating system's core to allow modifications which would further enable outside access to the board, its sub-systems, and the greater network around it.
Another example of a major exploit was when it was discovered that China had been stealing information from the African Union Headquarters. China has been investing large amounts of money for the past decade into the development of Africa as a result of increasing trade between the two. When the African Union Headquarters was built, China supplied the servers and networking solutions for the building. For five years it appeared that all was well, but in January 2017 technicians discovered significant amounts of server activity between 12 AM and 2 AM every night. Upon further investigation, the data was found to be streaming to servers in Shanghai. However, Chinese officials labelled the report as being absurd and untrue, which also threatened the African-Chinese relationship.
These two stories are but a handful of examples of Chinese interference in foreign affairs, whether it be data theft or the installation of backdoors into devices. The inability to trust Chinese produced or developed equipment now has countries around the world concerned with their infrastructure. If power grids or mobile networks are based on Chinese-produced goods, then the use of backdoor hardware could allow attackers to disable these services or perform eavesdropping on sensitive data. Such control could also be advantageous in conflict with one side having technological superiority via direct control of essential services. This problem is amplified when all Chinese companies are required to obey the Chinese government, meaning that no companies in China can be trusted in matters of security.
For the majority of consumers, Chinese produced goods and services will not be a risk. If, however, an application involves intellectual property or the storage of customer data, then designers should think twice before relying on a Chinese made solution. Even getting PCBs manufactured in China can no longer be trusted as engineers can integrate tiny components onto a PCB that are barely detectable.