How Huawei won Barcelona

Trump’s tweets and the Chinese vendor’s dominance mean US officials fought an uphill battle at this week’s global telecoms fair.

BARCELONA — In a global standoff that pits U.S. security services against Chinese telecom giant Huawei, it was the latter who came out as the winner at a high-stakes gathering in Barcelona this week.

At the annual Mobile World Congress fair, Huawei was up against combative U.S. officials who toured government delegations calling the Chinese vendor “deceitful” and arguing that it poses a security threat to the West.

But Huawei was playing on familiar turf in Barcelona, where some 100,000 telecoms executives had gathered for industry shop talk and ogling at new tech innovations. Huawei’s brand was plastered all around the conference venue, for which it was a key sponsor, and it chose to launch its new, flagship product at the fair: the foldable Mate X smartphone.

Huawei’s chief didn’t hold back on the politics, either.

“The U.S. security accusation on our 5G has no evidence, nothing,” the company’s Rotating Chairman Guo Ping said in his keynote speech Tuesday. He slammed Washington by saying that those concerned about government spying “can go ask Edward Snowden” — a blunt reference to the 2013 scandal that revealed mass surveillance of global data flows by the U.S. National Security Agency.

Days before the final offensive in Barcelona, the U.S. strategy got sidetracked by rumblings in the country’s bilateral negotiations of a trade deal with China.

The U.S. apparatus had targeted the Barcelona telecommunications conference as the peak of a monthslong campaign to convince European and global allies to cut out Huawei.

It followed a visit by U.S. Secretary of State Mike Pompeo to Eastern Europe earlier in February, in which Huawei featured at the top of the talking points, and a keynote speech by U.S. Vice President Mike Pence at the Munich Security Conference mid-February warning for “the threat posed by Huawei and other Chinese telecoms companies.”

But days before the final offensive in Barcelona, the U.S. strategy got sidetracked by rumblings in the country’s bilateral negotiations of a trade deal with China. President Donald Trump suggested that criminal charges against Chinese telecoms giant Huawei and one of its top executives could be used as a bargaining chip in his administration’s ongoing trade negotiations with China. “We’re going to be discussing all of that during the course of the next couple of weeks,” Trump said.

The statement came after tweets by the U.S. president, where he hinted at supporting open competition in the telecoms vendor market — which caused confusion across the telecoms market at a time when operators are looking for clarity on major 5G contracts.

Huawei’s brand was plastered all around the conference venue | Pau Barrena/AFP via Getty Images

By the end of the four-day gathering, U.S. Deputy Assistant Secretary of State Rob Strayer had called Huawei “duplicitous and deceitful” but failed to pressure the Europeans into committing to new measures against Huawei.

Huawei in Europe

Huawei’s full-court press in Barcelona came at a critical time, as the company has been shut out of major Western markets in past months, and its strategy to scale up relies heavily on the revenue it is generating on the European Continent.

A diplomatic campaign from Washington in Western and allied capitals in past months have triggered new restrictions in Australia and Japan, and others could follow suit in coming months — giving its competitors on 5G infrastructure including Ericsson, Finnish Nokia and Korean Samsung a leg up in the global race for networks.

Europe’s joint market accounts for 10 to 15 percent of Huawei’s revenue, company figures show, versus more than half for the domestic market in China, 11 percent for the Asia-Pacific region and just 7 percent for the Americas.

Vincent Pang, the company’s president for Western Europe, stressed the importance of the Continent at a briefing with reporters in Barcelona. “It doesn’t matter what happens in any single country in Europe. We will stay here,” Pang told reporters, adding that Huawei considers Europe “the most powerful innovation house in the world.”

Europe’s importance explains partly why Huawei has invested so heavily in the region. The equipment maker has struck many deals with the Continent’s largest telecoms operators in the past decade. It also set up “security centers” where operators can run security checks on its equipment, in an effort to preempt criticism.

Huawei’s entanglement with Europe’s telecoms networks and its operators have also scared off powerful industry groups, who fear restricting or even banning Huawei will cost billions of dollars to the Continent’s largest operators like Deutsche Telekom, Vodafone and others.

EU leaders in past weeks disputed the need for a blanket ban on Huawei products, which the U.S. wants. Instead, they are pushing ahead with a series of midway network security measures that will ultimately preserve China’s presence in broad swathes of European telecoms markets — in a classic “third way” approach to the issue.

As pressure on the Chinese vendor rises, its competitors have tried to get ahead of the game.

“I don’t think that, in the summer, we’ll live in a Europe where the majority of [EU] member states banned Chinese manufacturers” — Jan-Peter Kleinhans

“[We] have already deployed operational 5G networks based on commercial equipment in Europe, Australia and Asia,” Ericsson’s director, Johannes Arvidson Persson, said in emailed responses to questions.

At the end of the Barcelona fair, the Swedish company secured 14 5G contracts with operators, of which it keeps a running list online. It includes European contracts with Vodafone U.K., Telenor in Norway, Wind 3 in Italy and Swisscom in Switzerland.

Huawei on the other hand claims to have more than 30 5G contracts worldwide, and 13 in Europe — but didn’t disclose the list of operators it struck deals with. In Europe, it said Vodafone, EE (owned by BT), Telecom Italia and Sunrise in Switzerland have signed with the company. Huawei said some of its partners have asked not to be named because of fear of political backlash.

One of Ericsson’s main advantages worldwide is that it is the first to go live with commercial 5G networks in the United States — a country that has restricted Huawei’s access in past years, and formally shut the market for Chinese vendors last year.

According to Jan-Peter Kleinhans, an analyst and 5G security expert at the Berlin-based Stiftung Neue Verantwortung, “I don’t think that, in the summer, we’ll live in a Europe where the majority of [EU] member states banned Chinese manufacturers.”

“The big question is how many member states realize that 5G is not a unique issue,” he said. “People are waking up and realizing: ‘Holy sh*t, Chinese ICT is everywhere, we do not trust the country, we do not trust its government, what do we do?'”

This article is from POLITICO Pro: POLITICO’s premium policy service. To discover why thousands of professionals rely on Pro every day, email for a complimentary trial.

Read this next: World’s cartoonists on this week’s events

West accuses Beijing of ‘extensive’ cyber espionage

Officials hold Chinese Ministry of State Security responsible for ongoing cyber intrusions.

The United States and the United Kingdom announced an indictment Thursday against state-linked Chinese hackers, in a fresh bid to build an international front against Chinese spying.

The announcement includes U.S. criminal charges against Chinese government hackers accused of stealing American businesses’ intellectual property worth hundreds of billions of dollars. The U.S. also said it holds China’s government accountable for sponsoring economic cyberattacks, including in Europe and Asia.

The activities “go against the commitments made to the U.K. in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets,” U.K. Foreign Secretary Jeremy Hunt said.

Australia, Canada, Japan and Germany were expected to join the coalition condemning Beijing over hacking, a diplomat said.

The warnings complement a U.S.-driven campaign to convince Western governments to ban Chinese telecom equipment vendors from providing the gear to build 5G networks. In past months, Australia, Canada, New Zealand and Japan have announced new market restrictions on Huawei and ZTE — China’s two leading telecom equipment makers — due to security concerns.

The indictments effectively kill a deal that Obama struck with Chinese President Xi Jinping in 2015 to limit cyber-espionage activities.

The criminal charges unveiled Thursday target a hacker group that acted on behalf of the Chinese Ministry of State Security and “almost certainly [continue] to target a range of global companies, seeking to gain access to commercial secrets,” the U.K. Foreign Office said in a statement.

Specifically, it charges two Chinese hackers, Zhu Hua and Zhang Shilong, of computer hacking, conspiracy to commit wire fraud and aggravated identity theft. The document lays out how the hackers had targeted sectors including aviation, space and satellite technology, manufacturing, pharmaceutical, computer processor companies and other sectors from as early as 2006.

The indictment said affected companies were located in at least 12 countries — Sweden, Finland, France, Germany, Switzerland and the U.K. in Europe as well as India, Brazil, Canada, Japan, the United Arab Emirates and the U.S.

The hackers used techniques known as “spear phishing,” which targets high-value individuals with mock emails tricking them into downloading malware, which in turn would give hackers remote access to the networks.

Greg Baker/AFP via Getty Images

Their group performed services as a contractor for the ministry, infiltrating networks to provide intelligence and information. Hackers lurk inside corporate networks for months, even years, before stealing data. The accused group is known as the “advanced persistent threat group 10” (APT10), also known as Cloud Hopper, Menupass and Stone Panda.

A report by consultancy PricewaterhouseCoopers released in April 2017 revealed the group’s methods and targets, asserting that it had ramped up its activities in 2016 and targeted industrial manufacturing and engineering sectors in Europe and beyond.

“The group focuses on what we call ‘access operations,’ effectively gaining and holding access until it had a requirement to take data,” said Kris McConkey, cybersecurity partner at PwC. “We’ve seen activity until as late as the summer of 2018. In the last eight to 12 weeks we’ve seen a little less activity.”

The indictments effectively kill a deal that ex-President Barack Obama struck with Chinese President Xi Jinping in 2015 to limit cyber-espionage activities. Intellectual property theft has long been a source of tension between the U.S. and China, and in September 2015 the two struck a landmark agreement to tone down the cyber intrusions.

“The difference between this initiative and what preceded the deal reached between the U.S. and China in 2015 is that the U.K., Germany and other governments were not as public then as they are now,” said Chris Painter, Obama’s chief cyber diplomat who negotiated the deal, and left the U.S. government under President Donald Trump.

“This joint action, especially with these countries involved, is significant: It is harder for Beijing to ignore,” Painter said.

Attempted coup de grâce

The indictment caps a series of revelations and statements calling out Chinese hacker groups and the Chinese government for violating international agreements and norms on cyber espionage.

Last week, Secretary of State Mike Pompeo blamed Beijing for the Marriott hack that stole passport data and other information on as many as 500 million people. U.S. officials believe this massive data breach was also part of Beijing’s counterintelligence project. U.S. officials testified before a committee last week at which FBI assistant director Bill Priestap called China “the most severe counterintelligence threat facing our country today.”

The conflict between Washington and Beijing worsened last week when Canadian authorities arrested Huawei’s CFO Sabrina Meng.

In October the U.S. also announced that Belgian authorities had extradited to the U.S. a senior officer at China’s Ministry of State Security to face economic espionage charges, also related to aviation firms.

In parallel, a U.S. cybersecurity company founded by former National Security Agency officials on Tuesday released a disputed report that the EU’s communication system for diplomatic correspondence had been hacked by Chinese hackers linked to the People’s Liberation Army. EU officials are still investigating the incident.

The conflict between Washington and Beijing worsened last week when Canadian authorities arrested Huawei’s chief financial officer, Sabrina Meng, at the request of the U.S. European governments including the U.K., Germany, Belgium, the Czech Republic, the European Commission and others are actively exploring ways to shut off parts of the telecom networks for Huawei.

“The U.S. approach to China’s cyber espionage has evolved rapidly over the past six months,” Paul Triolo, a cyber expert at the think-tank Eurasia Group, said earlier. He noted that Washington appears to no longer be settling for indicting Chinese hackers who will probably never show up in an American courtroom — and instead is working with like-minded countries to arrest them.

U.S. President Donald Trump and China’s President Xi Jinping in Beijing in 2017 | Pool photo by Thomas Peter via Getty Images

Thursday’s revelations could lead to sanctions, diplomatic sources said, including measures issued by the European Union as a whole.

EU institutions in the past year have worked out a system to respond to cyber threats with diplomatic measures, ranging from statements to economic sanctions. But the bloc has still yet to name Moscow as being behind cyber operations.

Denmark, Estonia, Lithuania and Great Britain joined the U.S., Australia and Canada in condemning Russia for orchestrating a large-scale attack using malware known as NotPetya.

As attention now shifts to Beijing, the EU would against consider its options in how to respond to the new allegations.

In the case of China, hackers have targeted companies in Australia, Japan and Europe, Adam Segal and Lorand Laskai of the Council on Foreign Relations pointed out.

“If other countries are involved, it makes it look more like China is standing outside international norms,” Segal told POLITICO earlier.

Eric Geller and Michael B. Farrell contributed to this article.

Read this next: ‘Oh, no’: The day Trump learned to tweet