Did Huawei Really Steal? | The Startup
May 28, 2020 · 9 min read
By now most of us have already seen the news of the US Commerce Department extending sanctions against Huawei while adding further conditions to the company.
Ever since the original blacklisting back in May 2019, the US was adamant about the existing security concerns with Huawei.
But what exactly are these security concerns? Did Huawei steal tech? More importantly, why is the US so keen on strangling the Chinese tech giant?
A questionable past
Now, the US is coming after the company mainly because its 5G initiatives will give Huawei an upper hand in the technology game. America is that grumpy kid who threw a tantrum because he didn’t get the toy he s. Now that kid doesn’t want anybody else to have that toy either.
But the allegations against Huawei are not completely unfounded. In fact, the Chinese tech giant has a very questionable past.
The first notable incident goes back to 2003. Cisco sued Huawei accusing the company of stealing Cisco’s router technology.
An excerpt from Cisco’s motion for a preliminary injunction against Huawei read, “Defendants[Huawei] have engaged in what amounts to theft of Cisco’s intellectual property by misappropriating and copying Cisco’s source code, duplicating Cisco’s user interface, and plagiarizing extensively from Cisco’s user manuals.”
Photo by Thomas Jensen on Unsplash
By 2004 the case was settled and Huawei removed the code in question. The company also admitted that it copied code from Cisco. Although Huawei claimed that the particular section was less than 2% of the 1.5 million lines of code.
In the same year, Fujitsu Network Communications pointed the finger at Huawei.
The company had caught one of Huawei’s employees allegedly trying to nab information off a rival product at the SuperComm trade show.
The individual Yi Bin Zhu was found to have removed the casing from a $1 million networking gear. Zhu had proceeded to photograph the circuit boards and diagram other suppliers’ networking gear.
Six years later, Motorola sued Huawei over allegedly misappropriating trade secrets. In the complaint, Motorola claimed that five of its former employees have been sharing trade secrets with Lemko, a wireless technology competitor at the time. Later, Motorola amended the complaint accusing the defendants (Lemko and the former employees) have been working with Huawei.
Furthermore, the complaint read that “there is at least part of an email chain that has been recovered that confirms that Defendant Shaowei Pan, at Huawei’s request, transmitted proprietary and confidential Motorola specifications for the Motorola SC300 base station to Ren Zhengfei and JinLong Hou, Huawei’s vice president of wireless communications, in March 2003 and that a meeting and an agreement for the transfer of Motorola proprietary information did, in fact, take place in Beijing during the China trip in February-March 2003.”
Photo by John Tekeridis on Pexels
By 2011, Huawei filed a lawsuit to prevent Motorola from giving its IP information to Nokia Seimens. At the time Nokia Seimens was to acquire Motorola’s wireless network. This meant that some of Huawei’s IP would have gone to Nokia Seimens owing to a previous licensing arrangement between the Chinese company and Motorola.
A few months after Huawei’s lawsuit, both companies issued a joint statement. It stated that both companies have settled the lawsuits. As such, Motorola agreed to pay a fee to Huawei as compensation for allowing Nokia to use the IP in question. Similarly, Motorola also agreed to drop the charges against Huawei.
In the same year, Huawei sued ZTE in Germany, France, and Hungary. Huawei claimed that ZTE had infringed some of its patents pertaining to data cards and LTE. The company also claimed that ZTE had illegally used a Huawei-registered trademark on some of its data card products. The following day, ZTE counter-sued Huawei in China for LTE patent infringement.
The Nortel story is another incident that attracted a lot of bad press for the Chinese tech giant. Before its demise, Nortel was once a major player in the telecommunications sector.
But it was plagued with numerous issues since the dotcom bust. Among them was alleged decade-long hacking into its systems, traced back to China. However, few believe that these link all the way to Huawei itself.
Why? Because only a Nortel competitor would benefit from the stolen sensitive information.
Furthermore, few believe that Huawei’s rise to world telecommunications superpower status while Nortel was heading the other direction, is no coincidence. However, the actual turn of events is a bit complicated.
This has been the case for Huawei throughout its history. Over the years, there’s been a lot of finger-pointing at Huawei from companies, governments, and personnel all around the world. A few others in the list,
- US federal investigators accused Huawei of stealing glass technology from an American startup, Akhan Semiconductor.
- Huawei sued CNEX (co-founded by a former Huawei employee) claiming the startup used its patents to build its solid-state drive technology. CNEX counter-sued stating that Huawei had misappropriated its tech.
- In 2014, T-Mobile sued Huawei claiming the company stole tech from its Bellevue, Washington headquarters. The lawsuit accused Huawei employees snuck into a T-Mobile lab and stole part of Tappy, a smartphone testing robot. In 2017, a US jury ordered Huawei to pay $4.8 million in damages. Huawei responded by arguing that Tappy was not a trade secret and it was not even made by T-Mobile.
- In 2019, a Canadian IT Engineer residing in Taiwan reported his Huawei Mediapad M5 has been spying on him via apps on the device. Few weeks before the reported incident, a Huawei P30 Pro was discovered to be querying servers in China.
- A Huawei employee was arrested in Poland over spying charges.
But perhaps things started escalating for Huawei when Vodafone found backdoors to its products.
The case of the Italian backdoor
Last year, Vodafone acknowledged it discovered backdoors in several Huawei equipment during the 2009 — 2011 period.
The discovered backdoors would have given Huawei unauthorized access to Vodafone’s fixed-line network in Italy.
By 2011, Vodafone asked Huawei to remove the backdoors from home internet routers and the company reassured the issues were resolved. However, further testing revealed that security vulnerabilities continued to be intact.
Evidently the two companies worked to patch the vulnerabilities. Vodafone claims that it found no evidence of any data compromise.
A year later, Vodafone also found vulnerabilities in Huawei-supplied broadband network gateways in Italy.
According to Bloomberg, Huawei issued a statement mentioned that the company was made aware of the issues from 2011 and 2012 and that they were addressed accordingly.
There is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment. — Huawei
But upon a closer look, there are still concerning questions from the turn of events. In 2011, an independent security testing found a telnet backdoor. This would essentially give unauthorized access to Vodafone’s Wide Area Network.
As mentioned in Bloomberg, “The telnet had “undocumented functionality inserted by Huawei without notifying Vodafone,” including a “hidden Telnet daemon” program.
” Anyone aware of this backdoor could gain administrative privileges to the routers.
Router manufacturers sometimes use telnet as a means of managing equipment. Its an industry practice, but Vodafone states that this was not. Vodafone requested this to be removed, Huawei claims they did so afterward. But Vodafone found that the telnet service still exists. Later, it was reported that Huawei refused to fully remove telnet access owing to a manufacturing requirement.
This is not the first time Huawei routers posed a security threat (Photo by Webaroo on Unsplash)
To be fair, backdoors are not a new thing. These can be common in network equipment as backdoors would allow developers to manage them. At the same time, these would leave systems vulnerable to attackers.
According to Stefano Zanero, an associate professor of computer security at Politecnico di Milano University, “There’s no specific way to tell that something is a backdoor and most backdoors would be designed to look a mistake.”
Unfortunately for Huawei, its political background raises concerns. The company’s conduct in response to this backdoor scenario did not help.
“What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it, and now refusing to remove it as they need it to remain for ‘quality’ purposes.”- Former Vodafone Chief Information Security Officer, Bryan Littlefair
The discussion of potential security risks from Huawei resurfaced in 2019 with 5G taking the spotlight. Huawei provides the bulk of the 5G infrastructure in Europe. But telecom operators Vodafone have become so reliant on Huawei as a supplier that its impractical to go for alternatives. That being said, it hasn’t stopped countries around the world from questioning the Chinese tech giant.
The US and the 5G conundrum
Huawei’s current 5G problems are largely due to the United States’ aggressive efforts in light of the US-China trade war. The United States has been raising security concerns for more than a decade.
One of the main concerns is the company’s military links. Huawei’s founder Ren Zhengfei, served as an engineer for the Army in the 1980’s.
Due to this, some suspect that the company still maintains close links with the Chinese government.
In 2012, a committee issued a report against Huawei and ZTE. The report accused the 2 companies of being arms of the Chinese government. It also claimed that Huawei and ZTE had stolen IP from American companies.
According to The New York Times, the committee had gained access to internal documents via former Huawei employees.
These documents allegedly revealed that Huawei supplied services to a cyberwarfare unit in the People’s Liberation Army in China.
Photo by Mika Baumeister on Unsplash
Fast forward to 2019, Huawei is leading the charge in kicking off 5G in many countries around the world. But the United States has been citing security concerns of doing business with Huawei for over a decade. With the advent of launching 5G, the US double-downed on the charges.
As tensions between the US and China built up, the US Commerce Department placed Huawei on an entity list. By May 2019, Huawei was banned from the US and American companies were prohibited from conducting business with the tech giant. Following this, several governments took caution in dealing with Huawei. The UK government for instance, dialed back on the country’s 5G deployment plan.
By February 2020, the UK government announced that it will only allow Huawei a limited role in deploying 5G in the country. However, now it seems Huawei might be completely kept out.
The same month, a superseding indictment made new allegations against the company. It alleges that Huawei managed to successfully steal IP for decades. Additionally, claims were also made that the company was engaged in covert efforts in shipping goods and services to Iran and North Korea.
Is the US right to fear Huawei?
There’s no easy answer. Huawei’s checkered past does raise a lot of questions. Furthermore, even if by all accounts Huawei is on the right side of things, there’s the Chinese government’s “National Intelligence Law”. This states that if asked, all Chinese companies and citizens are to assist the government in national intelligence efforts.
In a scenario where Huawei supplies 5G facilities to a particular country/region, the Chinese government could potentially exploit the situation. Accusations aside, this fact alone instills fear in other countries, particularly the US.
To be fair, the US does not have the moral high ground either. Reports suggest that the American authorities might have been doing their own spying as well.
All in all, the allegations against the tech giant are not mere fingerpointing. Given Huawei’s history, these questions around security and intellectual property theft will not go away anytime soon.
Then again, not everything is black and white. It's always wise to take everything with a grain of salt.
“,”author”:”Neville Lahiru”,”date_published”:”2020-05-30T15:53:51.876Z”,”lead_image_url”:”https://miro.medium.com/max/1200/1*ZB0HaC7Dagtv4Zbi8nCmHQ.jpeg”,”dek”:null,”next_page_url”:null,”url”:”https://medium.com/swlh/did-huawei-really-steal-16032a4c8eeb”,”domain”:”medium.com”,”excerpt”:”Most of us have seen the news of the US Commerce Department extending sanctions against Huawei while adding further restrictions”,”word_count”:1924,”direction”:”ltr”,”total_pages”:1,”rendered_pages”:1}
US charges Huawei with racketeering and conspiracy to steal trade secrets
The US Department of Justice has charged today Huawei and four of its subsidiaries with racketeering and conspiracy to steal trade secrets.
The new charges today represent an escalation in the US' legal battle against the Chinese telecommunications giant.
The US first charged Huawei and its CFO in January 2019.
Initial charges included money laundering, conspiracy to defraud the US, obstruction of justice, and sanctions violations.
Today, the US added new charges and expanded the defendants list, which now includes Huawei CFO Wanzhou Meng, Huawei, and four official and unofficial subsidiaries — Huawei Device Co. Ltd. (Huawei Device), Huawei Device USA Inc. (Huawei USA), Futurewei Technologies Inc. (Futurewei), and Skycom Tech Co. Ltd. (Skycom).
Huawei CFO Wanzhou Meng was arrested on the initial charges last year in Canada. Meng is still fighting her extradition to the US.
The US DOJ claims it uncovered a “decades-long efforts by Huawei, and several of its subsidiaries, both in the US and in the People's Republic of China, to misappropriate intellectual property, including from six US technology companies, in an effort to grow and operate Huawei's business.”
The DOJ says stolen information includes trade secret information and copyrighted works, such as source code and user manuals for internet routers, antenna technology, and robot testing technology:
“The means and methods of the alleged misappropriation included entering into confidentiality agreements with the owners of the intellectual property and then violating the terms of the agreements by misappropriating the intellectual property for the defendants' own commercial use, recruiting employees of other companies and directing them to misappropriate their former employers' intellectual property, and using proxies such as professors working at research institutions to obtain and provide the technology to the defendants.”
Investigators also claim that Huawei ran a bonus program to reward employees who obtained confidential information from competitors. Those who wanted to participate were supposed to send stolen data to an encrypted email to a special @huawei.com inbox, according to the DOJ's indictment. The program ran since 2013.
“A 'competition management group' was tasked with reviewing the submissions and awarding monthly bonuses to the employees who provided the most valuable stolen information.
Biannual awards also were made available to the top 'Huawei Regional Divisions' that provided the most valuable information.
A memorandum describing this program was sent to employees in the United States.
The new superseding indictment also includes detailed examples of alleged Huawei theft of intellectual property (IP) from US companies. Some of these examples include:
- The use of proxies (professors, research institutes, or third-party companies) to reach out to US companies and obtain proprietary information, and then transfer the data to Huawei.
- Huawei allegedly stole source code, command-line interfaces, and device manuals from a router manufacturer (believed to be Cisco), created its own equipment, and sold it at discounted prices in the US. By mistake, Huawei engineers left version numbers and other identifiers in the stolen code, user interface, and manuals, revealing the theft, and forcing the company to recall products from the US. When sued, Huawei destroyed evidence in the lawsuit by recalling and wiping routers, and sending the infringing devices back to China. In court, Huawei claimed they received the stolen code from a third-party.
- In another case, Huawei poached an employee from another company and demanded documents from his former employer, including details about a base station technology.
- In July 2004, a Huawei employee broke into a Chicago trade showroom in the middle of the night and took photos of a networking device's internal circuitry. When the employee was caught, Huawei claimed the employee was acting on his own.
- A Huawei subsidiary entered into a non-disclosure agreement (NDA) with a US company, gained access through this partnership to proprietary data about a wireless antenna technology used for cellular telephony, and then transfered the data back to Huawei, breaking its NDA. US officials claim Huawei made an estimated $22 million by selling devices that incorporated the same technology.
- The same scheme was applied in the case of another company (believed to be AT&T), with a Huawei subsidiary entering a partnership that allowed Huawei employees access to the company's proprietary robotic phone-testing system. According to the indictment: “once inside, Engineer-3 photographed and gathered technical information about the robot before Company 5 personnel discovered the breach and escorted him the facility.” Days later, another Huawei employee “accessed the laboratory and surreptitiously placed a robot arm into a laptop bag and removed the robot arm from the laboratory.”
- Another strategy used by Huawei also included “continuously recruit[ing] people from [Company 6]” in order to cause “internal turmoil.” The DOJ says this tactic was used against a US developer of architecture for memory hardware, and a direct competitor of Huawei.
- Huawei also invited employees from competing companies to hold talks in China, asked access to presentation slides, copied proprietary data, and shared the info with its engineers working on competiting products.
According to the DOJ, Huawei also had a plan in place for dealing with the fallout and disguising its IP theft operations. US officials say Huawei had a manual labeled “Top Secret” that instructed Huawei employees to conceal their employment with the company when meeting with foreign law enforcement officials.
In addition, the DOJ claims that in order to prevent civil and criminal liability, as well as reputational harm, Huawei often publicly blamed IP thefts on “rogue employees” every time it was confronted with evidence of their wrongdoing.
DOJ: IP theft helped Huawei cut R&D costs
The DOJ says Huawei's efforts were successful, and allowed the company to cut research and development (R&D) costs and gain an advantage over its competitors. Officials say reinvested the profits it made from the stolen information to boost its own business, including in the US, harming the victims of their theft further.
The DOJ say that when US officials confronted the company about its practices, the company lied to US officials, the I, and representatives from the US House Permanent Select Committee on Intelligence.
The new charges come after the I revealed it was investigating more than 1,000 cases of Chinese theft of US technology.
Answering a request for comment from ZDNet, Huawei said the charges are merritless.
“This new indictment is part of the Justice Department's attempt to irrevocably damage Huawei's reputation and its business for reasons related to competition rather than law enforcement,” the company said.
“These new charges are without merit and are based largely on recycled civil disputes from last 20 years that have been previously settled, litigated and in some cases, rejected by federal judges and juries.
The government will not prevail on its charges, which we will prove to be both unfounded and unfair.”
Updated on February 14, at 05:45am ET with statement from Huawei.