U.S. intelligence and security agencies are warning Congress and the telecommunications industry that an American company’s plan to use Chinese components in cell-phone towers for the next generation wireless network will make communications vulnerable to electronic spying by Beijing.
Over the past four months, National Counterintelligence executive Robert Bryant has briefed the House and Senate intelligence committees with warnings about the risks of a Chinese company, Huawei Technologies, providing key components of the fourth generation, or 4G, wireless network in the United States.
Representatives from the National Security Agency (NSA) also have briefed Congress about their concerns with Huawei’s bid to provide hardware and other components for the new wireless infrastructure.
“If Huawei builds the components for our cell towers in the U.S. 4G network, then every cell tower is a potential listening post for Beijing,” said Edward Timperlake, the Pentagon’s former director of technology assessment.
The company that wants to use Huawei components for cell towers is called Amerilink Telecom Corporation and recently has placed Gordon R. England, deputy defense secretary during the George W. Bush administration, on its board in an effort to ease long-standing security concerns from the U.S. government. Last month, former House Minority Leader Richard A. Gephardt, Missouri Democrat, and former World Bank President James Wolfensohn also joined the company’s board.
In recent weeks, Amerilink held meetings with the NSA’s Information Business Affairs Office to try to smooth over concerns that Chinese-made hardware and software could be exploited by China’s government to launch cyber-attacks or eavesdrop on communications on the 4G network.
Amerilink has offered to build and install Huawei components on cell towers for the U.S. telecommunications company Sprint, which is expected to decide on Amerilink’s proposal in coming weeks.
Amerilink CEO Kevin Packingham, a former Sprint executive, would not comment on specific meetings with the NSA. He did confirm that representatives of his company met with members of the U.S. government to discuss security concerns and Amerilink’s proposal to check the Chinese equipment and code for bugs and electronic vulnerabilities.
Asked about concerns raised by Mr. Timperlake, Mr. Packingham said: “We take these concerns very seriously, and our entire operations are being built to address them. Under our proposal, Huawei would not provide any hardware, software or firmware to Sprint.
“Amerilink would have custody and control of all components and software, and Amerilink’s U.S. citizen employees, along with other security credential U.S. vendors, would build, examine, test and validate all equipment before it is deployed to Sprint. Huawei would not have any ability to know where its products are going or to touch the network.”
On meetings between Amerilink representatives and U.S. government agencies, Mr. Packingham said, “We have worked very hard to make sure everyone is aware of the solution.”
Worries about Huawei components inside the 4G cell phone towers highlight long-standing concerns inside the U.S. intelligence community about the origin of microchips, routers and software inside sensitive U.S. computer networks.
Dale Meyerrose, a retired Air Force major general and the first chief information officer for the U.S. intelligence community, said the problem of “supply-chain integrity” in general is a serious one.
“On every step along the way — whether you are talking IT software, IT middleware or IT hardware or even data sets, the strings of data, anywhere along that line there are potentials for injecting something which either gives somebody an unfair advantage later on or becomes a vulnerability or hole that someone can take advantage of, or becomes a capability like tapping in on somebody else’s cable next door without paying for it,” Mr. Meyerrose said.
Mr. Meyerrose, now vice president of Cyber Initiatives for the Harris Corp., declined to comment specifically on Huawei or Amerilink.