U.S., UK Act to Block Chinese Technology Threat

This week, the U.S. and UK governments took steps to combat key national security threats posed by two Chinese telecommunications companies. On Monday, the U.S. Commerce Department banned all U.S. sales to ZTE, a Chinese telecommunications company that violated export controls. On Tuesday, the Federal Communications Commission advanced a proposal to bar municipalities from using federal funds to purchase equipment from companies posing national security threats, specifically ZTE and Huawei, another Chinese company. Coupled with a letter from the UK’s National Cyber Security Centre (NCSC) warning the private sector against working with ZTE, these actions show a determination to address the threat that China’s state-backed companies can pose to U.S. national security.

The Commerce Department’s decision follows a March 2017 settlement in which ZTE pleaded guilty to re-exporting U.S. telecommunications equipment to Iran and North Korea in violation of U.S. sanctions. As punishment, ZTE paid a fine of nearly $900 million and agreed to a seven-year probationary period. However, ZTE then lied about its compliance with settlement obligations, resulting in Monday’s decision to cancel its export privileges. This may be a devastating punishment for a company that is the fourth-largest maker of smartphones for the U.S. market and reportedly depends on American companies for 25-30 percent of its products’ components. After the announcement, ZTE’s shares dropped 27 percent in a single day.

Meanwhile, the U.K. government’s letter warned that purchasing equipment or services from ZTE would have a “long term negative effect on the security of the UK.” In 2013, after the U.K.’s Parliamentary Intelligence and Security Committee raised significant concerns about the role of Huawei, China’s largest telecom company, in Britain’s critical national infrastructure, the government set up a special oversight board to monitor any potential threats from the presence of Huawei equipment. Adding ZTE equipment to the mix would render it “impossible” to manage risks and create “an unacceptable national security risk,” according to the new letter.

On Tuesday, the FCC also addressed the threat of compromised infrastructure by advancing a proposed rule prohibiting money from the $8.5 billion Universal Service Fund from being used to purchase equipment from companies that “pose a national security threat to United States communications networks or the communications supply chain.” Huawei may have already been able to spy on U.S. military facilities by providing equipment to the telecom providers that service the areas around key bases. While the FCC’s Notice of Proposed Rulemaking did not mention the Chinese companies by name, an FCC fact sheet detailed Congress’s concerns about ZTE, Huawei, and Russian cybersecurity firm Kaspersky Labs.

On Monday, an unrelated announcement from the FBI, Department of Homeland Security, and NCSC about state-sponsored Russian cyber attacks on business and residential routers noted that “a malicious actor with presence” on a network – like the presence that Russian and Chinese actors could gain by providing the equipment for our national telecommunications infrastructure – “can monitor, modify, and deny traffic.”

Last month’s report from the U.S. Trade Representative on China’s technology and cyber policies concluded that “China’s cyber activities represent a grave threat to U.S. competitiveness and the U.S. economy.” Moreover, reports have documented China’s ongoing attempts to dominate information communication technology supply chains in order to “pursue other state goals.” The combined actions of the U.S. agencies are an important step to protecting the U.S. economy from cyber infiltration, espionage, and exploitation that undermine American national security – namely, from cyber-enabled economic warfare.

Annie Fixler is a policy analyst at FDD’s Center on Sanctions and Illicit Finance, where Trevor Logan is a cyber research associate. Follow them on Twitter @afixler and @TrevorLoganFDD.

Follow the Foundation for Defense of Democracies on Twitter @FDD and its Center on Sanctions and Illicit Finance @FDD_CSIF. FDD is a Washington-based, nonpartisan research institute focusing on national security and foreign policy.