The Federal Communications Commission (FCC) and Homeland Security Bureau have designated Huawei and ZTE as threats to U.S. national security. Because both Chinese companies are subject to the Chinese Communist Party, they are required by law to cooperate with China’s intelligence gathering activities. China has developed an arsenal of cyber capabilities to target U.S. information security. The use of these companies’ products therefore allows the communist party to exploit network vulnerabilities and compromise critical communication networks.
FCC Prohibits Import of Telecom Equipment
On November 25, 2022 the FCC announced that it had adopted final rules to bar the sale or import of telecommunications equipment manufactured by Huawei and ZTE. It also included products from Dahua Technology Hangzhou Hikvision Digital Technology Co. and Hytera Communications. This action was unanimously approved by the four FCC commissioners. This is the first time in history that the FCC has voted to prohibit electronic equipment to protect national security.
While protecting government concerns, the actions taken do not provide complete protection from questionable devices. The ban does not block all products from these companies but focuses on equipment intended for public safety, government facility security, critical infrastructure surveillance, or national security purposes.
The United States is not alone in these bans. The United Kingdom, Canada, Australia, and New Zealand have also acted against Chinese companies involvement in telecommunications, especially equipment involved with 5G technologies. This action will likely bring to focus banning other equipment generated by hostile state-controlled companies.
Similar actions by the U.S. federal government are taking place against Chinese firms as the FBI has voiced concerns about TikTok’s use of U.S. citizens’ user data to the House Committee on Homeland Security by Director Christopher Wray. The Chinese owned social media app currently has over one billion monthly users. Among the FBI’s concerns is that the Chinese government could conduct influence operations with the app or use it to gain control of millions of user devices.
FCC Bans Universal Service Fund For These Companies
The FCC banned the use of the agency’s Universal Service Fund for the purchase services or equipment from Huawei and ZTE in 2020. This fund is currently 8.3 billion dollars per year and is used to provide affordable communications for schools, libraries, and rural health care. At that time carriers receiving monies from the fund were required to purge their networks of such equipment.
At that time both agencies claimed ample evidence justifying these actions. In fact the agency spent 1.9 billion dollars in 2021 to remove Huawei and ZTE gear that was being used in U.S. rural areas.
Huawei No Stranger to U.S. Scrutiny
The Bureau of Science and Industry (BIS) restricted Huawei’s semiconductor manufacturing capabilities in May of 2020. BIS took this action to prevent the company from acquiring semiconductors that are the direct product of U.S. technologies and software. These technologies now fall under the Export Authorization Regulations (EAR). In the same year Homeland Security prohibited the company from engaging in government contracting services under the Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment.
The Department of Justice also prosecuted a case against the company for participation in a fraudulent scheme to export banned U.S. goods and technologies for its business in Iran. Although Huawei denied these allegations, company records show that the company was directly involved in these actions.
CVG Strategy Cybersecurity Solutions
FCC concerns about Huawei and ZTE illustrate the severity of cybersecurity threats to businesses in the United States. IT solutions alone are not sufficient to combat these forces. Viable solutions include all stakeholders in an enterprise. They include people, policies, procedures, risk analysis, incident responses, and an internal auditing process that yields constant improvement.
CVG Strategy provides cybersecurity consulting and training for large and small organizations. Our experts can tailor a program using risk management process to identify information assets and interested parties. We can create the documentation and provide the essential training to establish your ISMS and guide you through certification audits.
CVG Strategy also provides consulting services for NIST 800-171 and CMMC Certification for those businesses and institutions providing services to the Department of Defense and other government agencies.