Why you should pay attention to the Huawei issue

Most people didn’t understand the hoopla around Huawei being banned from telecom companies in the US. The problem was (and still is) that the Chinese Government has far stronger control over companies than most governments do. That means that a company list Huawei could be controlled by the Chinese government. Normally this may not be a problem but in the case of a global incident, an invasion of Tiawan for instance, those network devices could be turned off. Blocking us from Facebook and Youtube would throw the US into chaos and certainly distract us from ANYTHING else.

Cybersecurity Concerns Intensify with Device Proliferation Forescout’s investigations reveal a startling increase in Chinese-made devices within U.S. networks, reporting over 2,000 Chinese-manufactured cameras found in U.S. government networks just before their ban. This trend has only grown, expanding into other sectors beyond government, with a 40% year-over-year increase in U.S. networks despite official bans.

Notable Findings and Government Actions Despite restrictions, key sectors like critical infrastructure have seen substantial growth in the use of Chinese IoT devices. Forescout’s report highlights a notable increase across various verticals, with manufacturing witnessing a 105% increase and healthcare 47%. This growth persists even as the U.S. government takes significant steps to mitigate risks, such as the Biden administration’s recent executive order to assess cybersecurity threats from Chinese shipping cranes and connected cars.

Geographical and Sector-Specific Trends The increase in Chinese-made devices is not just a U.S. issue but a global concern with varying impacts:

Singapore and Australia have reported increases of 67% and 25%, respectively.
Conversely, Canada and Germany have seen decreases of 14% and 25%.
In the U.S., the sectors most impacted include manufacturing, healthcare, and financial services, all of which have critical dependencies on reliable and secure network infrastructures.

Identifying and Managing Chinese-Manufactured Devices Forescout’s methodology involves identifying devices through unique identifiers registered to Chinese addresses, using their proprietary Device Cloud. This database helps track the presence and growth of these devices across networks, providing invaluable insights into the scale of potential vulnerabilities.

Cybersecurity Implications of Chinese Devices The report discusses the potential risks associated with these devices, including backdoors and tampering that could facilitate espionage or disrupt critical infrastructure. The presence of these devices in sensitive sectors poses a substantial risk, particularly where they remain connected despite bans, such as IP cameras in government networks.

Conclusion: A Call for Enhanced Vigilance The continued growth of Chinese-manufactured devices in critical sectors underscores the need for enhanced scrutiny and cybersecurity measures. Organizations must remain vigilant, recognizing the potential threats these devices pose due to their origin and the geopolitical tensions associated with them. As the landscape of cyber threats evolves, the imperative to monitor and secure networked devices has never been more critical, ensuring that organizations can defend against potential state-sponsored cyber-attacks effectively.

This detailed exploration of the rise in Chinese-manufactured devices within U.S. networks highlights the critical cybersecurity challenges and actions needed to safeguard national and organizational interests in an increasingly connected and vulnerable digital world.

Paul Bergman runs a business strategy and cybersecurity consulting company in San Diego. He is also CEO of a mentoring non-profit in San Diego, Lamp of Learning. He writes on cybersecurity and board management for both corporate and nonprofit boards.