Investigation

Africa's Big Brother Lives in Beijing

Is Huawei wiring Africa for surveillance? Or just for money?

Chinese telecommunications giant Huawei may have been all-but-barred from doing business in the U.S. over allegations that it's basically an intelligence agency masquerading as a tech business. In Africa, however, Huawei is thriving.

From Cairo to Johannesburg, the Chinese telecom has offices in 18 countries and has invested billions of dollars in building African communications networks since the late 1990s. The company's cheap cellular phones today dominate many of Africa's most important markets -- and that was before Huawei teamed up with Microsoft earlier this year to launch a low-cost smartphone on the continent. Just in the past few months, the firm closed a pair of telecommunications deals in Africa each worth more than $700 million, part of an African business that brings in more than $3.5 billion annually for the Chinese firm. According to Huawei's marketing materials, the projects are all part of a mission of "Enriching [African] Lives through Communication." But current and former U.S. officials -- as well as outside security analysts -- worry there could be another agenda behind Huawei's penetration into Africa. They suspect that the Chinese telecom could be wiring the continent for surveillance.

"There's a great deal of concern about Huawei acting to advance the interests of the Chinese government in a strategic sense, which includes not only traditional espionage but as a vehicle for economic espionage," former Department of Homeland Security secretary Michael Chertoff told FP. "If you build the network on which all the data flows, you're in a perfect position to populate it with backdoors or vulnerabilities that only you know about, you're upgrading it, each time you upgrade the network or service it, that's an opportunity" to install spyware.

"That's a strategic issue for the countries in Africa and a strategic issue for us," added Chertoff.

Huawei spokesman William Plummer called such concerns "silliness," noting that the company "did $35 billion in business last year, 70 percent outside of China. We will not compromise our commercial success for any government." 

China has made no secret of its interest in Africa, investing more than $67 billion into large-scale projects on the continent from 2006 to 2012. Hundreds of Chinese troops are helping keep the peace in Mali, while Beijing's warships have contributed to the fight against pirates off the coast of Somalia for years. And no wonder: China is becoming increasingly dependent on Africa's farms to feed its people, on Africa's minerals to run its industries, and on Africa's oil to fuel its cars. China needs Africa as a partner -- the closer, the better.

Enter Huawei.

"Across Africa -- but especially in demographically large or resource-rich nations -- Huawei is offering exceptionally competitive prices, generous financing, and fully managed systems to governments that otherwise have grave difficulty expanding into broadband (and the internet in general)," Chris Demchak, co-director of the Center for Cyber Conflict Studies at the U.S. Naval War College, told Foreign Policy in an email.

Huawei isn't just providing cell phones, towers and fiber-optic cable and then turning them over to local businesses. The telecom giant -- and sometimes its Chinese rival ZTE -- is often running these networks for the local communications providers and the government.

"Generally, most of the employees operating these systems are Chinese and the arrangements usually include delegating maintenance and decisions about future updates to Huawei as well, thus ensuring the Chinese firm's control of the basic technological architecture's foundation, evolution, and operations," Demchak noted.

In June 2013, the firm signed a $700 million deal to build cellular networks in Ethiopia. At the same time, the company inked a deal to run communications networks in Nigeria -- networks that it's had a role in building -- for the next five years.  Huawei also helps run the communications networks in Zambia.

In oil-rich Angola, Huawei was awarded a contract to built LTE 4G cell networks for the state run mobile phone firm, Movicel. Interestingly, in 2008, Huawei's Chinese rival ZTE was given a contract from the Angolan government to manage the mobile business.

"Managing a nation's backbone telecommunications system, especially if it is seen to be the basis for future economic development, is an exceptionally powerful position economically, politically, and technologically for any firm in a country, let alone a foreign firm," Demchak said. "With that kind of monopoly (or near enough to same), it is much easier to quietly move massive streams of data, malware, and sophisticated penetration campaigns around through complex cyber systems without oversight."

Several of these African governments -- including the Zambian, Ethiopian and Zimbabwean regimes -- have all sought Chinese assistance in monitoring their country's digital communications networks, according to Mai Truong, an Africa analyst at Freedom House.

In February 2013, for example, "Zambian government sought Chinese expertise and assistance in installing internet surveillance and censorship equipment, which occurred after President Sata had signed an order earlier in the month authorizing the Office of the President to intercept both telephone and internet communications," Truong told Foreign Policy in an email. "In Ethiopia, Chinese technical assistance to monitor Ethiopian citizens online was confirmed in June 2012 when the government openly held an 'Internet Management' media workshop with support from the Chinese Communist Party."

While the Zimbabwean government's ability to monitor citizens' online behaviors isn't fully known, "the technology they do have is likely to have been provided by the Chinese, beginning in 2007 after the passage of the Interception of Communications Act," writes Truong. "The Chinese have also been blamed for hacking attacks against independent Zimbabwean news websites."

It's also worth noting that many African nations have publicly stated the Internet empowers too much free speech, so it's no secret many of them want to monitor their citizens' online activities. Just last fall, the Islamic terrorist group Boko Haram attacked cellphone towers across Nigeria, citing concerns that the Nigerian government was tracking the group via its members' cellphones. Meanwhile, the mysterious Zimbabwean digital whistleblower Baba Jukwa is being hunted by the government of President Robert Mugabe -- even as Jukwa claims Zimbabwean spooks trained in Internet surveillance are looking for dissenters.

Still, it's not really news that local governments work with telecommunications firms to monitor networks. 'Lawful intercept' is the intelligence world's term for this practice.

"With regard to lawful intercept capabilities  . . . everyone does that," former Central Intelligence Agency and National Security Agency director Michael Hayden told Foreign Policy.

What's potentially more disturbing about Huawei's involvement in African telecommunications is that it could provide the Chinese government with direct access to those networks.

"Would Huawei, in constructing a lawful intercept capability for a sub-Saharan nation, build into the system, their own access to the lawful intercept capability thereby giving them tremendous insight into what that state thinks or does about its security?" asked Hayden rhetorically. "Those are dangers."

"Even if there aren't any backdoors, which is a large hypothesis, just the Chinese state having access to the architecture of your system is a tremendous advantage for the Chinese should they want to engage in any electronic surveillance, any electronic eavesdropping," Hayden added.

"The Chinese see themselves in a global economic competition with the United States, and they see real advantages of at least having the possibility of exploiting [African] networks in the future," he added.

Last fall, the U.S. House intelligence committee urged American businesses not to work with Huawei, alleging that communications gear installed by the firm in the U.S was passing sensitive data about American companies back to China. But lawmakers didn't provide concrete examples of U.S. firms losing data because of their use of Huawei products. The congressmen instead repeatedly noted the strong connections between the Chinese company and the Chinese government, which is believed to be behind a massive global campaign of electronic espionage.

Plummer, the Huawei spokesman, indirectly acknowledged the fears about China's cyberspying. But he said those worries had only made Huawei's privacy and security protections stronger.

"In part due to the spotlight we are under based on our country of heritage, we have put in place sophisticated security assurance disciplines -- from ideation to after-market service -- to ensure the integrity of our gear and code," Plummer added.

He then suggested that westerners accusing Huawei of rampant spying "are looking into the 'mirror' of the U.S. PRISM and related programs and assuming like activity by other states.  "Whatever, whichever [spying] other states may be engaged in, Huawei is not involved and will not engage in any such activity."

And if there are concerns in Africa about Huawei as a potential Big Brother, they haven't hurt the company's revenues on the continent. In late 2012, Huawei predicted revenue from African business would increase 30 percent by 2015. The company's African revenue in 2011 was listed by Bloomberg as $3.42 billion -- a rise of 15 percent from the year before, meaning that African sales now make up 13 percent of the firm's global revenue.

The company has recently signed a $750 million deal to improve networks in Nigeria, built training centers in seven African countries, a research and development center in South Africa and opened its network operations center in Cairo where it monitors its African infrastructure from, in late 2012. It's sold millions of telephones and hundreds of thousands of smartphones across the continent, including its 4Afrika smartphone that it developed jointly with Microsoft. Huawei's IDEOS smartphone reportedly has 45 percent of the market share in Kenya.

While Chinese businesses are "omnipresent" in Africa, this isn't necessarily a bad thing, a recently retired senior U.S. military official with experience on the continent told FP. "A lot of that is resource driven, extracting resources to fuel the Chinese economy and they get access to those resources through infrastructure [building projects], low-rate loans, those kind of things. The Chinese are building roads, bridges, government buildings all over Africa. That's a very good thing, it's needed."

Huawei's deep involvement in African networks could only further China's economic expansion on the continent. It could give the Chinese an edge in almost any business deal or security matter on the continent. U.S. cybersecurity experts have repeatedly cited cases of Chinese hackers stealing American corporations' negotiating strategies and business plans in order to give rival Chinese companies a leg up on their American counterparts.

In addition to giving Huawei -- and potentially the Chinese government -- vital intelligence on African nations, Demchak worries that access to Africa's telecommunications infrastructure could make it even easier for Chinese hackers to disguise their attacks by rerouting them through the continent. Basically, the continent could serve as a giant laundromat for Chinese cyber-aggression.

"One could imagine a situation where the Chinese management of Africa's backbone in effect turns much of the continent into a 'bullet-proof host'," said Demchak describing a term for Web hosting services that permit illegal activities.

"In that case, laundering of bad cyber behaviors through these backbones could easily be largely untouchable and uncontrollable externally by other nations," added Demchak. If she's right, Huawei's investments in Africa might not just be problematic for the people who live on the continent. They could be an issue for all of us.

STR/AFP/GettyImages

Investigation

The CIA's New Black Bag Is Digital

When the NSA can't break into your computer, these guys break into your house.

During a coffee break at an intelligence conference held in The Netherlands a few years back, a senior Scandinavian counterterrorism official regaled me with a story. One of his service's surveillance teams was conducting routine monitoring of a senior militant leader when they suddenly noticed through their high-powered surveillance cameras two men breaking into the militant's apartment. The target was at Friday evening prayers at the local mosque. But rather than ransack the apartment and steal the computer equipment and other valuables while he was away -- as any right-minded burglar would normally have done -- one of the men pulled out a disk and loaded some programs onto the resident's laptop computer while the other man kept watch at the window. The whole operation took less than two minutes, then the two trespassers fled the way they came, leaving no trace that they had ever been there.

It did not take long for the official to determine that the two men were, in fact, Central Intelligence Agency (CIA) operatives conducting what is known in the U.S. intelligence community as either a "black bag job" or a "surreptitious entry" operation. Back in the Cold War, such a mission might have involved cracking safes, stealing code books, or photographing the settings on cipher machines. Today, this kind of break-in is known inside the CIA and National Security Agency as an "off-net operation," a clandestine human intelligence mission whose specific purpose is to surreptitiously gain access to the computer systems and email accounts of targets of high interest to America's spies. As we've learned in recent weeks, the National Security Agency's ability to electronically eavesdrop from afar is massive. But it is not infinite. There are times when the agency cannot gain access to the computers or gadgets they'd like to listen in on. And so they call in the CIA's black bag crew for help.

The CIA's clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA's Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA's SIGINT collection efforts in the years since the 9/11 terrorist attacks.

Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world's largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations.

In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. (I'm not aware of any such operations here on U.S. soil.) In one particularly significant operation conducted a few years back in a strife-ridden South Asian nation, a team of CIA technical operations officers installed a sophisticated tap on a switching center servicing several fiber-optic cable trunk lines, which has allowed NSA to intercept in real time some of the most sensitive internal communications traffic by that country's general staff and top military commanders for the past several years. In another more recent case, CIA case officers broke into a home in Western Europe and surreptitiously loaded Agency-developed spyware into the personal computer of a man suspected of being a major recruiter for individuals wishing to fight with the militant group al-Nusra Front in Syria, allowing CIA operatives to read all of his email traffic and monitor his Skype calls on his computer.

The fact that the NSA and CIA now work so closely together is fascinating on a number of levels. But it's particularly remarkable accomplishment, given the fact that the two agencies until fairly recently hated each others' guts.

Ingenues and TBARs

As detailed in my history of the NSA, The Secret Sentry, the CIA and NSA had what could best be described as a contentious relationship during the Cold War era. Some NSA veterans still refer to their colleagues at the CIA as 'TBARs,' which stands for 'Those Bastards Across the River,' with the river in question being the Potomac. Perhaps reflecting their higher level of educational accomplishment, CIA officers have an even more lurid series of monikers for their NSA colleagues at Fort Meade, most of which cannot be repeated in polite company because of recurring references to fecal matter. One retired CIA official described his NSA counterparts as "a bunch of damn ingenues." Another CIA veteran perhaps put it best when he described the Cold War relationship amongst and between his agency and the NSA as "the best of enemies."

The historical antagonism between the two agencies started at the top. Allen W. Dulles, who was the director of the CIA from 1953 to 1961, disliked NSA director General Ralph Canine so intensely that he deliberately kept the NSA in the dark about a number of the agency's high-profile SIGINT projects, like the celebrated Berlin Tunnel cable tapping operation in the mid-1950s. The late Richard M. Helms, who was director of the CIA from 1966 to 1973, told me over drinks at the Army-Navy Club in downtown Washington, D.C. only half jokingly that during his thirty-plus years in the U.S. intelligence community, his relations with the KGB were, in his words, "warmer and more collegial" than with the NSA. William E. Colby, who served as Director of Central Intelligence from 1973-1976, had the same problem. Colby was so frustrated by his inability to assert any degree of control over the NSA that he told a congressional committee that "I think it is clear I do not have command authority over the [NSA]." And the animus between CIA director Admiral Stansfield Turner (CIA director from 1977-1981) and his counterpart at the NSA, Admiral Bobby Ray Inman, was so intense that they could only communicate through intermediaries.

But the 9/11 terrorist attacks changed the operational dynamic between these two agencies, perhaps forever. In the thirteen years since the 9/11 terrorist attacks, the NSA and CIA have largely, but not completely, moved past the Cold War animus. In addition, both agencies have become increasingly dependent on one another for the success of their respective intelligence operations, leading to what can best be described as an increasingly close symbiotic relationship between these two titans of the U.S. intelligence community.

While the increasingly intimate relationship between the NSA and CIA is not a secret, the specific nature and extent of the work that each agency does for the other is deemed to be extremely sensitive, especially since many of these operations are directed against friends and allies of the United States. For example, the Special Collection Service (SCS), the secretive joint CIA-NSA clandestine SIGINT organization based in Beltsville, Maryland, now operates more than 65 listening posts inside U.S. embassies and consulates around the world. While recent media reports have focused on the presence of SCS listening posts in certain Latin America capitals, intelligence sources confirm that most of the organization's resources have been focused over the past decade on the Middle East, South Asia, and East Asia. For example, virtually every U.S. embassy in the Middle East now hosts a SCS SIGINT station that monitors, twenty-four hours a day, the complete spectrum of electronic communications traffic within a one hundred mile radius of the embassy site. The biggest problem that the SCS currently faces is that it has no presence in some of the U.S. intelligence community's top targets, such as Iran and North Korea, because the U.S. government has no diplomatic relations with these countries.

At the same time, SIGINT coming from the NSA has become a crucial means whereby the CIA can not only validate the intelligence it gets from its oftentimes unreliable agents, but SIGINT has been, and remains the lynchpin underlying the success over the past nine years of the CIA's secret unmanned drone strikes in Pakistan, Yemen and elsewhere around the world.

But the biggest changes have occurred in the CIA's human intelligence (HUMINT) collection efforts on behalf of NSA. Over the past decade, foreign government telecommunications and computer systems have become one of the most important targeting priorities of the CIA's National Clandestine Service (NCS), which since the spring of this year has been headed by one of the agency's veteran Africa and Middle East hands. The previous director, Michael J. Sulick, is widely credited with making HUMINT collection against foreign computer and telecommunications systems one of the service's top priority targets after he rose to the top of the NCS in September 2007.

Today, a cadre of several hundred CIA NCS case officers, known as Technical Operations Officers, have been recruited and trained to work exclusively on penetrating foreign communications and computer systems targets so that NSA can gain access to the information stored on or transmitted by these systems. Several dozen of these officers now work fulltime in several offices at NSA headquarters at Fort George G. Meade, something which would have been inconceivable prior to 9/11.

CIA operatives have also intensified their efforts to recruit IT specialists and computer systems operators employed by foreign government ministries, major military command headquarters staffs, big foreign multinational corporations, and important international non-governmental organizations.

Since 9/11, the NCS has also developed a variety of so-called "black boxes" which can quickly crack computer passwords, bypass commercially-available computer security software systems, and clone cellular telephones -- all without leaving a trace. To use one rudimentary example, computer users oftentimes forget to erase default accounts and passwords when installing a system, or incorrectly set protections on computer network servers or e-mail accounts. This is a vulnerability which operatives now routinely exploit.

For many countries in the world, especially in the developing world, CIA operatives can now relatively easily obtain telephone metadata records, such as details of all long distance or international telephone calls, through secret liaison arrangements with local security services and police agencies.

America's European allies are a different story. While the connections between the NSA and, for example, the British signals intelligence service GCHQ are well-documented, the CIA has a harder time obtaining personal information of British citizens. The same is true in Germany, Scandinavia and the Netherlands, which have also been most reluctant to share this sort of data with the CIA. But the French intelligence and security services have continued to share this sort of data with the CIA, particularly in counterterrorism operations.

U.S. intelligence officials are generally comfortable with the new collaboration. Those I have spoken to over the past three weeks have only one major concern. The fear is that details of these operations, including the identities of the targets covered by these operations, currently reside in the four laptops reportedly held by Edward Snowden, who has spent the past three weeks in the transit lounge at Sheremetyevo Airport outside Moscow waiting for his fate to be decided. Officials at both the CIA and NSA know that the public disclosure of these operations would cause incalculable damage to U.S. intelligence operations abroad as well as massive embarrassment to the U.S. government. If anyone wonders why the U.S. government wants to get its hands on Edward Snowden and his computers so badly, this is an important reason why.

David Burnett/Newsmakers