Berlin Politicians from the traffic light coalition and the opposition have expressed concern that Chinese IT technology is apparently being used in the Bundeswehr’s communications infrastructure.
“If components are installed that affect the security of the Bundeswehr and thus the Federal Republic in any way, then of course you have to react,” said the chairwoman of the defense committee in the Bundestag, Marie-Agnes Strack-Zimmermann (FDP), the Handelsblatt. “We cannot be alarmed enough.”
The vice chairman of the committee, Henning Otte (CDU), described the troops’ communication infrastructure as a “key technology” and therefore a sensitive area. “In the case of critical infrastructure, it must therefore be avoided that Chinese IT technology is installed,” Otte told the Handelsblatt.
According to the federal government, the Bundeswehr’s communication infrastructures are usually implemented by industrial companies on behalf of the Bundeswehr and in accordance with the applicable specifications and guidelines of the federal cyber security authority BSI. “It cannot be ruled out that components from Chinese manufacturers will be used,” says the government’s response to a small query from the Union parliamentary group, which is available to the Handelsblatt.
On the question of admissibility, the government referred to the Federal Office for Information Security (BSI). “The communication infrastructures of the Bundeswehr are procured and used in accordance with the specifications of the BSI with a view to any existing certification or approval requirements relating to cyber and information security,” says the answer.
Government plans tightening of laws to protect critical infrastructure
Strack-Zimmermann and Otte think the government information is too imprecise and call for clarity: “The question needs urgent clarification,” said the FDP politician. Otte demanded that the traffic light government clarify “comprehensively” where and which Chinese IT technology was installed in the Bundeswehr’s communications infrastructure. “Subsequently, components that can be adequately replaced immediately must be replaced,” emphasized the CDU politician.
>> Read also: Digital Minister Wissing does not want to veto Set Huawei
The president of the reservists’ association, former CDU security politician Patrick Sensburg, is also critical of the use of Chinese technology or individual components. “On the one hand, security gaps cannot be ruled out, although the BSI performs a very reliable check and it is not about entire devices, but only components,” Sensburg told the Handelsblatt.
“On the other hand, there is the risk of supply dependency, which also makes us dependent on Chinese products for armaments.” This must at least be avoided by using alternative products from the EU.
The federal government has had the China problem in its sights for a long time, but its scope for action is restricted by the current legal situation. Since September 2021, the Federal Ministry of the Interior has been able to prohibit the use of a critical component in a critical infrastructure (Kritis) or restrict it by issuing orders in accordance with the BSI Act. However, the regulation is currently only applicable to the development of the 5G mobile network in Germany.
However, the regulation is to be extended to other areas of critical infrastructure as part of the so-called “Kritis umbrella law”. Federal Interior Minister Nancy Faeser (SPD) had already presented the first key points. A corresponding draft law should be available by the summer.
Union criticizes “the ministries’ wrangling over responsibility”
In the case of Chinese IT companies such as Huawei, but also ZTE, the Office for the Protection of the Constitution and IT security experts warn that these companies cannot escape the grip of the regime in Beijing. It’s not just the fear of espionage and sabotage that worries the security authorities. The fact that China could stop supplying technology or software updates in the event of a conflict is also considered a risk.
Several Western countries, including the United States, have long since excluded Huawei from expanding their networks. Huawei has always rejected allegations of espionage. In fact, so far neither espionage nor sabotage could be clearly proven. So far, the BSI has not found any security gaps during technical tests of components.
>> Read also: The protection of the constitution is critical of Huawei’s connection to Telekom and the railways
However, the Ministry of the Interior now believes that components from Huawei and ZTE may adversely affect public order and security in Germany. Therefore, all critical – i.e. safety-relevant – parts that are already installed in the 5G network are currently being subjected to an inspection. At the end of the test, telecom providers may be forced to remove the components in question and replace them with parts from other providers.
Irrespective of this, the CDU defense politician Otte considers it necessary to invest more in research and development at German and European level in order to prevent one-sided technological dependence on China. “This does not mean that we should end our trade relations with China, but rather that Germany needs a forward-looking and diversified orientation,” said the MP.
In this regard, Otte misses a traffic light concept. “Discussions on Germany’s strategic orientation peter out in the ministries’ wrangling over responsibility – as can be seen, for example, in the national security strategy,” criticized the CDU politician. “Therefore, there are doubts as to whether the wake-up call after Russia’s war of aggression against Ukraine has arrived at the traffic light.”
More: Germany in a cyber dilemma – experts warn of a chaos of jurisdiction