Democratic Candidates Must Address Cyber Threats
As we’ve seen from the debates so far, the Democratic presidential candidates seem focused on relitigating opponents’ past records and the 2016 election. They’re missing an opportunity to discuss major national security concerns that affect every day Americans. Cybersecurity threats, from election interference by Russia to 5G dominance by China, are top concerns for our national security.
The U.S. faces continued security threats. Given the ongoing trade discussions with China, the Democratic candidates must make plans for how bilateral relationships can improve, while mitigating the security threats China presents.
Huawei, a Chinese company and global leader of 5G technology, embodies security threats that have direct connections with Chinese state actions. A recent report showed that almost 200 Huawei employees have backgrounds in Chinese national security, and it seems that Huawei is a revolving door for the Chinese People’s Party (CPP). Because of this, analysts in previous reports have estimated that Huawei decisions are 99% controlled by the Chinese government. Proving this, Huawei was founded and is led by Ren Zhengfei, a former People's Liberation Army (PLA) military technology and intelligence officer. Depending on the 5G network that Huawei is building and proliferating, China could gain access to sensitive intelligence and data.
Because Huawei and the Chinese state are connected at the hip, a giant concern is China’s 2017 National Intelligence Law, which stipulates that “any organization or citizen shall support, assist and cooperate with the state intelligence work in accordance with the law.” While Huawei continues to proclaim their independence, it’s simply unrealistic to believe them. The U.S. conducted $737.1 billion in trade with China in 2018. As a strategic trade partner, there must be a plan to mitigate the security threat while protecting our economy.
Chinese state-sponsored cyber hacking and theft of intellectual property has remained a contentious point between our two countries — recall the hack of the U.S. Office of Personnel Management. Last year, two Chinese nationals were charged as a part of government-backed hacking campaign whereby they gained access to information from NASA, the U.S. Department of Energy, and others.
American data, as we have seen from repeated cyber breaches is vulnerable. It’s not always state actors who will seek to exploit vulnerabilities. But, the more that we are connected to the internet, from cell phones to IoT devices to military devices, the more vulnerabilities are present. If Huawei establishes itself as the leader and monopolized provider of the 5G global network, the risk of future breaches increase exponentially, especially since Huawei has a track record of building backdoor access into their networks via hardware and software.
Huawei’s potential access to sensitive data isn’t just present in the US. The risk presents itself if Huawei and other vulnerable technology is present in the networks of our closest allies. The Five Eyes -- the United Kingdom, Canada, Australia, and New Zealand (and the U.S.) — are deciding if they should allow Huawei to develop and deploy the 5G network in their countries. If they decide to allow Huawei to deploy, it could significantly affect how the U.S. shares sensitive information and intelligence. We would not want to share sensitive national security information on a network that we know is riddled with vulnerabilities.
But the cybersecurity threats don’t just come from China. Russia continues to undermine and threaten American democracy. Russia was able to interfere with our elections by leveraging third party applications, such as APIs, to mine and manipulate data via major online social networks. Furthermore, Huawei recently negotiated with Russia to build their 5G network. If Huawei becomes the global provider of 5G, the Chinese government, Russia, and other threat actors would have a direct pipeline to our data and online behavior. While the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has made cybersecurity a priority, the lack of action by Congress to fund and take serious action to secure our election infrastructure speaks volumes.
These threats won’t disappear and require deft diplomacy, innovative policy solutions, and sustained engagement with our allies. The good news is, there are some solutions. While the U.S. can continue to ban Huawei, it’s unrealistic to expect that all of our allies will follow suit.
New interoperability standards would help secure 5G networks. If all 5G technology is interoperable, then countries will be able to choose the best technology, regardless of which manufacturer is already in their networks. However, Huawei is the only major 5G provider that is not a member of the O-RAN alliance, an organization made up of major telecommunications companies that is pushing for interoperability standards.
Interoperability is necessary for technology to work well together. For example, think of emojis and how they appear slightly different on current network providers and operating systems (i.e. Android versus iOS). But emojis can still be used across all platforms. If it were up to Huawei, we would only be able to use their versions of emojis and all others would be locked out, creating an emoji monopoly.
It’s clear that candidates need to start explaining how they will change the status quo and ensure that our national security and cybersecurity are strengthened. Protecting our national security is more than just issuing talking points — it’s participating in global organizations, setting standards, and listening to industry leaders to ensure that critical infrastructure technology is secure and protected.
Nate Snyder is a former senior counterterrorism official with the Department of Homeland Security and the Countering Violent Extremism Task Force under President Obama. He is currently a Senior Advisor with Cambridge Global Advisors.