Australia's decision to block Huawei from bidding for work on its $38 billion national broadband network has less to do with the Chinese telecoms firm itself and more to do with a growing concern that foreign countries - particularly China — are stealing the country's governmental and commercial secrets via the Internet, security analysts and researchers said.
Australia has blocked Huawei from bidding on the national network - one of the world's largest such infrastructure projects, which is expected to run high-speed Internet cables to all but the remotest of Australian homes — citing security concerns. It has not detailed what those concerns are.
Alastair MacGibbon, who directed Australia's High Tech Crime Centre before setting up the Centre for Internet Safety, said that while he had nothing against Huawei, he welcomed the decision because it showed the government was putting security over cost — and the possible diplomatic fallout from Australia's largest trading partner.
"A decision like this would have been made at a very high level and they would take into account the consequences, which probably aren't insignificant," he said. "You would have to imagine that was a pretty big security concern."
Government officials have declined to detail what those concerns are, but have said they originated from the Australian Security Intelligence Organisation (ASIO), which has become increasingly voluble about the problem of Internet-based espionage from what it calls state-sponsored actors.
In its latest annual report to parliament it said: "Espionage by cyber means - one aspect of the larger threat - is emerging as a serious and widespread concern that will continue to gain prominence given Australia's increasing reliance on technology in commercial, government and military business."
Although it has not mentioned China by name, MacGibbon and others said it's understood that most of the threats emanate from there.
Casey Ellis, a Sydney-based security specialist, said incident response teams "were very busy and a lot of the corporate stuff they deal with appears to have links to China."
Indeed, in 2010 three major resource sector companies, BHP Billiton, Fortescue Metals and Rio Tinto were targeted, and last year parliamentary e-mail accounts were hacked, including those of three ministers. Researchers say there are probably many more such attacks that either go unnoticed or the companies affected are reluctant to publicize.
"I'd assume the majority of this activity is going unreported. Not only is it embarrassing for the company, but even top-shelf companies have taken months to uncover some of these attacks, sometimes by chance," said Chris Horsley, a Brisbane-based security consultant.
China has routinely denied any involvement in such attacks. Huawei on Tuesday blamed such activities on private citizens and vigilante groups.
While there's little question Australia is an increasing target of cyber-espionage, analysts and researchers said they were surprised the government was blocking Huawei from this particular project. Huawei is after all one of Australia's largest vendors of equipment to telecoms operators and Internet service providers.
The issue, some researchers say, would come down to whether Huawei had built back doors into its devices through which it can eavesdrop data. Huawei has this week offered to open up its source code - the software that runs a device - to try to persuade the Australian government to change its mind.
But other security analysts say that it's not just a question of back doors.
Jeffrey Carr, a Washington-based security consultant, says the absence of a back door doesn't mean the device cannot be compromised later through an update to the software controlling the device.
"Huawei has encouraged governments worried about its hardware to check it for back doors," he said. "However, the fact that there's no back door doesn't mean the hardware can't be compromised later. Hardware needs to be updated just like software and to date there's no automated way to test hardware updates for back doors."
And while the National Broadband Network may on the surface be a countrywide Internet network it is still a strategic asset, run by a government company. That means it's logical for the government to be wary about which companies supply equipment for it and build it.
"It's easy to separate work and home computers and things like that," said Melanie Symons, who runs an Australia-based consulting company hunting for attackers on clients' networks. "But in reality the distinction between home and work computers is not that clear cut. There's a risk of malware moving from home computers to corporate networks, and it's not uncommon for hackers to target home computers for this reason."
Researchers and analysts said the Australian government and ASIO are unlikely to reveal what prompted them to block Huawei.
"This is down to one of two things," said one Sydney-based security researcher who declined to be named because his company had not authorized him to speak. "The accusations are completely baseless - or our intelligence agencies have information about Huawei."
(Reporting By Jeremy Wagstaff; Editing by Ian Geoghegan)