Berlin The Federal Office for Information Security (BSI) relies internally on technology from the controversial Chinese network supplier Huawei. This emerges from the response of the federal government to a small question from the Union parliamentary group, which is available to the Handelsblatt.
Specifically, it is about components in the communication infrastructure. According to the document, the BSI uses a Huawei LTE router from Chinese manufacturers for external presentations via an open Internet connection.
In addition, the authority uses the telecommunications components of the company Alcatel-Lucent Enterprise, a company that is majority owned by the state-owned company China Huaxin. The technology is used 100 percent for the BSI landline telephone system. In its response, the government rules out “affecting the data or mobile communication infrastructure”.
The SPD digital politician Jens Zimmermann assumes that the BSI carries out a precise risk analysis before hardware is purchased in security-relevant areas. “Nevertheless, it is advisable to critically question again whether there is a need for an exchange in view of the changed geopolitical situation.”
Peculiar role of the BSI
Vice President of the Office for the Protection of the Constitution, Sinan Selen, recently warned that Huawei and other Chinese companies should be careful. At a security conference in Berlin, he spoke of companies “that are very heavily influenced by the state, and accordingly a state agenda also influences appropriate action”.
Selen fears scenarios “that can cause us problems”. He left open what he meant by that. Selen just said he didn’t think everyone was aware of this dimension.
In security circles, not only telecommunications companies such as Telekom, which use Huawei technology, are mentioned in this context. Here, the federal government is currently examining the components for mobile phone networks according to the 5G standard from Huawei and its Chinese competitor ZTE for security risks. At the end of the day, telecom providers could be forced to remove components that have already been installed.
The role of the BSI is also repeatedly questioned. Security experts have noticed the peculiar stance that former President Arne Schönbohm took on Chinese IT technology. In an interview with the “Frankfurter Allgemeine Zeitung” from 2019, Schönbohm opposed hasty criticism of the use of Chinese components in German IT networks.
>> Read also: Government plans to ban Huawei and ZTE in the German network
“If political trust alone is to be the basis for investment decisions, then we are destroying the division of labor that we have in the world, the basis of our economic prosperity,” said Schönbohm at the time. When it comes to analyzing the manipulation ability of an IT component, it is “completely irrelevant whether the component comes from China, Korea or Sweden”.
The USA has long been warning Germany against Huawei participating in the mobile network. Several countries, including the United States and Canada, have already excluded Huawei and ZTE network technology from their markets. The United States is of the opinion that China could use 5G technology, for example from Huawei, to conduct espionage. The company has always denied the allegations.
Chinese IT technology could also be installed in the Bundeswehr
In fact, neither espionage nor sabotage could be clearly proven for Huawei and ZTE. Huawei emphasizes that it meets the highest security standards and is not under the influence of “any external organizations or persons in its actions”.
The attitude of the BSI fits into this picture. The tasks of Germany’s top cyber security authority include protecting the federal networks and detecting and defending against attacks on government networks. But also testing, certification and accreditation of IT products and services. The BSI only certified a 5G component from ZTE as secure at the end of January.
>> Read also: Germany’s top cyber security authority is getting a female boss for the first time
Chinese technology could also be installed in the Bundeswehr. “The communication infrastructures of the Bundeswehr are usually implemented by industrial companies on behalf of the Bundeswehr and in accordance with the applicable specifications and guidelines of the BSI,” explained the Federal Government in its response to the Union request and added: “It cannot be ruled out that Components from Chinese manufacturers are used.”
At the same time, the government emphasized that the infrastructures in question would be “procured and used in accordance with the specifications of the BSI with a view to any certification or approval requirements relating to cyber and information security”. The BSI is a subordinate authority of the Federal Ministry of the Interior.
Against this background, the CSU digital politician Reinhard Brandl sharply criticized Interior Minister Nancy Faeser. He accused the SPD politician of giving Chinese companies with the closest ties to the Chinese Communist Party a “free hand”.
SPD politician: Don’t just focus on Chinese hardware
“Mrs. Faeser and the traffic lights seem to have completely lost track,” Brandl told Handelsblatt. He wondered how much longer the coalition partners wanted to watch this “passive and disinterested attitude” of the SPD politician.
The SPD digital politician Zimmermann pointed out that in a globalized world with international supply chains it is hardly possible to do without Chinese components. “You have to act in a targeted manner and often with great effort to rule this out,” he said. It is therefore important to have your own national and European suppliers, especially for the security sector.
This has already happened in the armaments sector. For example, the federal government has entered the defense electronics group Hensoldt. “This active industrial policy will be needed much more frequently in the future,” Zimmermann is convinced.
At the same time, the SPD politician advised not only to focus on Chinese hardware. “There is a need for rigorous risk management of IT systems in all critical areas of the public sector and business,” he said. “Because there is a danger not only from hardware and software from countries with political influence on manufacturers such as China or Russia, but also from cyber criminals and state hackers.”
More: Huawei debate – Deutsche Telekom apparently protected itself against US sanctions