Huawei may have been barred by the Australian federal government from National Broadband Network (NBN) deals on security grounds, but the Chinese vendor has invited governments to review its security capabilities in a new white paper.
The white paper, entitled Cyber Security Perspectives: 21st century technology and security--a difficult marriage, outlines that the vendor will support and adopt any internationally agreed standard or best practice for cyber security in its broadest sense.
"We will also support any research effort to improve cyber defences and continue to improve and adopt an open and transparent approach, enabling governments to review Huawei's security capabilities," wrote the author of the white paper, Huawei global security officer John Suffolk.
He added that all stakeholders -- including government and industry -- need to recognise that cyber security is a shared global problem requiring risk-based approaches, best practices and international cooperation to address the challenge.
"With the recent publication of threats such as Stuxnet and Flame, the world has reached a decision point: Does it continue on its current path whereby any misguided actor, regardless of motive, can operate freely in an unregulated world and develop malware for any purpose?," Suffolk wrote.
According to Suffolk, if industry and government accepts this route, then people must "stop complaining" and accept the consequences of the cyber race to the bottom of the pit and the return of the "Wild West".
However, he argued that countries could collectively step back from the precipice, as it has been done in other forms of warfare, and establish laws, norms, standards and protocols.
"Trust has to be earned and continually validated and also accepting that a lack of trust exists between some stakeholders when it comes to cyber security. In this scenario we must be realistic but determined."
He added that it was important for companies to work together to identify the anti-security players, and made a list of who to watch out for:
- Individuals who engage in a range of activities, including harassment, intimidation, bullying and grooming children for sexual exploitation.
- Hacktivists who are individuals or groups that have a particular point to make and use hacking to promote their causes.
- Criminals, both organised and disorganised who run various scams, from illicit trade and counterfeiting to industrial espionage.
- Terrorists, however defined, who set out to cause harm.
- Government-sponsored agents who use technology as they use other intelligence methods: To gather data and information on items of interest to them.
- Commercial espionage undertaken by a range of parties to obtain advanced information from a country or competitors for their own advantage.
"While the inclusion of governments on the list of cyber world adversaries seems incorrect given the outspoken nature of governments that vehemently decry those hacking their country, it is important to keep in mind that throughout history, spying and espionage have continually played a role in diplomacy, for better or worse," he wrote.
Sign up for Computerworld eNewsletters.