The Times, Red Box, 9 October, 2018
Last week’s Bloomberg story that the Chinese military has been interfering in computer supply chains was like a bolt of lightning — and we are bound to hear the thunder rumble for some time yet. Around the world national security services will be scrambling to see if their own systems have been similarly compromised.
The fact that the infected parts made their way to CIA drones — presumably a highly-controlled procurement environment — means that the vulnerabilities were extremely well-hidden. Since they also allegedly went to online shopping firm, Amazon, China’s tiny chips are a giant Trojan horse wheeled directly into the international community’s trading gates and let loose. It is yet another example of how Beijing and Moscow are approaching the new Cold War against the west.
For those who don’t know, 5G entails a faster, tighter bundling of data that will massively improve the capabilities of the mobile internet, and in turn the use of artificial intelligence in transport, health, education, not to mention the development of “smart” cities. One reason that Huawei has been so instrumental in developing the technology is their championing of a Turkish code developer.Since 2008, when Dr Erdal Arikan invented polar codes, a number of countries have raced to develop the infrastructure indigenously. Not all are confident about the state’s role in rolling out this new technology: In the US, for example, the Trump administration rejected proposals for a “national effort” to develop 5G.
In many ways, this has been an “I told you so, moment” for many security and tech experts. Chinese-owned technology has long been viewed with scepticism amid concerns over its close links with the state. George Osborne’s “golden era” of Chinese investment into the British economy — and the inclusion of its companies in sensitive parts of the UK infrastructure — is truly at an end. As Bloomberg reports, the US counterintelligence operation has found the Chinese government directly culpable, with individuals and two factories in China identified.
The next step in this saga is for the US intelligence community to share its findings with its closest intelligence allies. This primarily means Australia, Canada, New Zealand, and the UK; but also NATO allies in Europe and treaty allies in the Indo-Pacific like Japan, South Korea, and the Philippines. Washington should also share the technical data with non-ally security partners like India, Singapore, and Vietnam.
The most difficult part will be setting up mechanisms to screen electronic parts coming into the UK – after all, what isn’t made in China these days? What is now up for discussion — no matter how improbable — is the exclusion of certain Chinese firms from the UK and a search for other partners to develop the next generation of digital infrastructure. To do otherwise and to bury one’s head in the sand would jeopardise our national security, our personal data, and, ultimately, our intelligence partnerships.