WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 18, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
On 11 Nov 2021, US President Joe Biden banned the use of Chinese companies Huawei and ZTE within the US, stopping them from receiving approval for network equipment licenses in the US. This follows a long and convoluted debate over the threat posed by Chinese technology providers, with many suggesting the two companies represent a significant national security risk.
The Secure Equipment Act was approved unanimously by the U.S. Senate on 28 Oct, and earlier in the month by the U.S. House on a 420-4 vote. This means that the US Federal Communications Commission (FCC) should no longer review applications related to the two companies, and effectively prohibits the use of Huawei and ZTE equipment in US telecoms networks. Other companies named in the act include Hytera, Hangzhou, and Dahua. The decision taken by the US has also been replicated with similar legislation and efforts worldwide; the UK, Australia, New Zealand, and recently Sweden, have also introduced restrictions over the use of Huawei equipment.
The decision surrounding the use of Chinese firms in telecommunications and networking infrastructure, and likely reflects the increasingly frosty relationship between China and the United States. This blog will discuss whether this was the right decision and what impact the Secure Equipment Act will have going forwards.
As highlighted by US founding father and polymath Benjamin Franklin, “it takes many good deeds to build a good reputation, and only one bad one to lose it”. In the case of Huawei, the rise to the top of the mobile telecommunications industry has been nothing short of remarkable. This has shadowed China’s own ambitions and achievements in becoming a technological superpower. Huawei now represents the world as a leader in providing telecommunications and network equipment technology, and also overtook Apple as the second most sold smartphone manufacturer in 2019. Their market share has however decreased significantly in 2021 as US sanctions have taken a hold on consumer confidence in the Huawei brand.
ZTE, who are a telecommunications equipment manufacturer, have also gone through a similarly dramatic growth. The company recorded a 12.4% growth in H1 2021 when compared to the same period of the previous year, largely propelled by increased investment and deployment of next generation 5G mobile technology. While it is unclear what the ceiling for Huawei and ZTE’s development may be, they will undoubtedly continue to represent a significant player in the telecommunications technology space for the foreseeable future, regardless of whether sanctions are applied or not.
The ban from President Biden—in addition to the multiple sanctions raised on Huawei and ZTE in previous years—has raised considerable debate. Do Huawei represent a significant security threat, or are the companies being used as a proxy for the ongoing battle between Washington and Beijing for technological hegemony?
The US has previously claimed that restrictions on use of Huawei and ZTE were justified due to Beijing’s potential for influence over the technology providers. Huawei has faced allegations that its wireless networking equipment could contain backdoors enabling surveillance by the Chinese government, in addition to further allegations that it has engaged in corporate espionage to steal competitors’ intelligence property. Supporters of the company have long claimed that the claims hold no validity; however, recent reporting has identified a key piece of evidence underpinning U.S suspicions.
A sophisticated intrusion onto a telecommunications network in Australia was detected by Australian intelligence officials in 2012. This reportedly began with a legitimate software update from Huawei that was loaded with malicious code. We don’t need to spell out the risks associated with supply chains; there’s been plenty of supply chain attacks that have taken place in 2021, just check out our blog from August. This breach and subsequent sharing of intelligence between Australia and U.S has reportedly shaped policy decision making regarding Huawei since, with the incident substantiating suspicions in both countries that China used Huawei equipment as a conduit for espionage.
The Chinese state maintains a stranglehold over private industry in China. This comes largely as a result of the influence of the People’s Republic of China (PRC) President Xi Jinping, who since taking office as the General Secretary of the Chinese Communist Party (CCP) in 2012, has made his distrust of the private sector abundantly clear. Several reforms have demonstrated the expanding influence of the CCP over private companies, but no better than the National Intelligence Law of the PRC which was enacted in 2017; this law states, “any organization and citizen shall support and cooperate in national intelligence work.” Party officials now sit on the boards of Chinese companies, and while not likely to play a direct role in managing day to day operations, it is becoming increasingly difficult to distinguish between what is private and what is a state-owned company. Ultimately, the state represents the highest authority in China, and no Chinese company is fully independent from the government.
If the breach did occur as was briefed by Australian officials, then there is likely one of two scenarios. Huawei were actively complicit in allowing Chinese actors to access their update mechanisms, or otherwise were themselves compromised, with China able to infiltrate the ranks of Huawei’s technicians, who maintained the equipment and distribute the update to Huawei’s customers. Given China’s sophistication, ability, and willingness to conduct cyber espionage, both of these scenarios are plausible.
The decision-making process regarding the ban of Huawei and ZTE was likely conducted through a combination of security risk and as part of the ongoing jostling for position regarding telecommunications technology; if the reports from the Australian intelligence are correct however, then the US appear to be fully justified in restricting the use of Huawei equipment. 5G represents the next generation of wireless networks and is ultimately a market that will be worth hundreds of billions of dollars. Huawei and ZTE have positioned themselves as one of the world leaders in providing such technology for emerging networks —with some estimates suggesting that they own more than half of all global 5G buildout—and the Secure Equipment Act likely represents the latest efforts to buck that trend.
The reaction from the business will likely be highly dependent on several factors, including their geography, the sector in which they operate, and ultimately whether they currently use Huawei and ZTE equipment. Ultimately, US-based telecommunications companies will no longer be able to purchase Huawei or ZTE equipment to use in their networks, and the bill also reinforces the mandate for service providers to replace existing equipment from banned companies, The US congress has approved a replacement fund for companies affected by this mandate, rather affectionately named the “Huawei rip and replace fund”.
One part of Huawei that the bill hasn’t banned is Honor, which is a separate Huawei based smartphone sub-brand that serves as a separate company. It is likely that Honor will fill much of the void left behind by Huawei, at least in the smartphone market. Whether a separate brand will emerge to take the mantle in networking equipment is unclear; however, it’s clear that Chinese companies, whether private or state owned, will continue to play an important role in the global technological supply chain.
The Photon Research Team does a tremendous job covering a variety of cyber threats, including the impact of policy implications, wider geopolitical developments, and how they can potentially herald a shift in the cyber threat landscape. Check out some of our work here, or let us walk you through a demo with a 7-day test drive of Search Light (now ReliaQuest GreyMatter Digital Risk Protection).