Politicking is behind calls for Huawei inquiry in NZ: security expert

Daniel Ayers says there are easier ways to spy then using Huawei’s networking equipment

Calls by the Green Party and Labour to investigate and potentially bar Chinese telco Huawei from the government's $1.5 billion UFB rollout is politicking, says one New Zealand cyber security expert.

Daniel Ayers, owner and director of computer forensic and IT security firm Elementary Solutions, says if the Chinese government wanted to spy on New Zealanders there would be less elaborate and more effective ways to do so.

Huawei provides networking equipment for several New Zealand telcos, such as Chorus, 2degrees, Vodafone, Enable Networks and Ultra Fast Fibre.

Ayers says for Huawei's equipment to spy on New Zealand internet traffic, the routers would need to be able to discern desired packets of information from the stream of packets passing through it.

Once identified, the packets would need to be put together into something useful for a foreign spy agency. Ayers says this part of the process would use a noticeable amount of computing resource, and create unaccounted outgoing traffic back to China - both of which would be identifiable by engineers at the telcos.

"Carrying out unchecked interception at a network infrastructure level is highly theoretical and highly difficult," says Ayers.

"Any half decent network technician would be able to see there was something wrong."

Ayers says if they exist, these "rogue networks" would already be installed in network equipment by Huawei's partners in New Zealand. This means the government is currently able to reverse engineer this equipment to check for possible intrusions.

"If a government agency had found this rogue interception capability they would have made it public by now," says Ayers.

Interception capabilities already exist on New Zealand's internet, voice, and cellular communication backbone. The Telecommunications Act 2004 mandates that telcos like Telecom, Vodafone, and TelstraClear have interception capabilities which can be accessible by New Zealand law enforcement agencies.

"Methods to spy on New Zealand citizens are already there, and from the Dotcom GCSB saga we know that it can be used surreptitiously and in some cases illegally," says Ayers.

"If the Chinese want to spy on us they could use one of their agents to infiltrate a telco or bribe their way in, and take advantage of the interception capabilities that are already there."

Ayers says Huawei, and compatriot ZTE, are getting this attention due to a lack of trust of the Chinese government.

"We're not certain of what they're doing right now or will do in the future so I guess, rightly or wrongly, they're making the decision not to deal with them right now," says Ayers.

Ayers views are similar to comments made by some analysts in the US.