World
Actress Deepika Padukone promoting a Chinese brand.
Chinese telecom equipment makers have gate-crashed the telecom party by making low-cost and Western-equivalent telecom gear resulting in flooding much of the global market.
From modest origins, Chinese vendors have risen as behemoth organisations, whose revenues are second to none in the telecom vendor space.
Chinese vendors supply equipment to much of European, African and sizable Asian providers and have dominated many networks in India.
The Chinese vendors have had a dream run in India – using cost as the key differentiator towards achieving L-1 status in state-owned telcos and a combination of cost, inducements and fear to foray into private providers.
Chinese telecom vendors began with poor technology but used every rabbit out of their bag to develop products that aim to compete with their Western counterparts. And why not – telecom product design is not rocket science – the know-why is quite straight-forward especially if you have a large team and loads of cash and no one to ask questions.
Success then depends if the know-why-based product can be sold at a low-price-point making the product easy to be pushed into any market. And then of course, if the vendors belong to a country that is known for contract manufacturing, then the manufacturing process can also be quickly replicated.
Note that we did not use the word reverse engineered, though of course there have been ample of IP-related lawsuits that claim of theft, most of which were settled by strong-arm or tactics of doling out inducements.
Needless to say, when a vendor has good state backing, and there is guaranteed home-grown business to begin with, that means that there is a steady revenue stream that can be used to funnel back into development efforts and capture overseas markets.
Learning, copying, poaching all can then be used to build a good product portfolio once the revenue gets going, especially more so when you don’t have to really answer a shareholder, or the government in some way is your main backer.
In this way, Chinese vendors have come up.
So, despite their technologically questionable beginnings, certainly debatable ethics and super-doubtful intents especially as far as India is concerned, it is clear that Chinese products have today in the telecom space achieved a degree of market dominance that is enviable.
This is really where the worry is for India, from a short-to-medium term security perspective and long-term business/existential perspective.
Their story in India is quite unique. There were the days when Chinese vendors would respond to request for proposals (RFPs) dramatically – saying that they comply to every technical query asked in the RFP and then give an unbelievable low price-point, making them the lowest bidder.
Unfortunately, the Indian telecom industry is technologically inadequate, and most of the decision makers are technologically fed by vendor marketing.
Contrarily, AT&T has AT&T labs, Sprint has Advance Technology Labs, Orange has Orange labs, and NTT has NTT Labs, but none of our Indian providers have any credible research labs that can investigate into claims made by the vendors.
Even the ones setting up labs are not accustomed to the scale of things.
This is a serious challenge, especially when evaluating or even designing RFPs.
One sees RFPs being designed by favourite vendors and responses taken on face-value. It cannot get any worse for business.
This simply allowed the Chinese vendors to dominate the Indian telecom scenario over the past decade.
Since those unfortunate days, the only change that has happened is that the cost points have gone up – the Chinese vendors have carpet-bombed the field so much that even at a much higher cost-point they are now able to win RFPs after having bled their competitors to the point of no return.
Of course, when there is a need, the Chinese vendors will drop the price as low as is required to win business even if it were a temporary loss.
Often the idea is to get into a network (provider) and then make money through means such as annual maintenance contracts and lock-ins that imply repeat orders, often at higher costs.
While Chinese vendors have been brutally successful in wiping out competition or reducing them to second fiddle in the telecom provider space, the situation is not so severe in the enterprise and residential space, where there continue to be multiple other business-wise and certainly technologically viable vendors, including Indian-swadeshi options.
Of course, from a security standpoint, any vendor is a potential problem, especially those dealing with IP routers and equipment higher up the stack (firewalls, load balancers etc.). The situation is still not as bad as having equipment from a country that attacked you and claimed your territory.
In telecom networks, solutions have been quite homogenous – there is an IP/MPLS network, which has IP/MPLS routers, and then there is an optical network below the IP, which has optical transport equipment, and then there is the base-station equipment, which till the advent of 4G was also quite homogenous.
However, when it comes to 4G and 5G, things get mixed up. These are technologies that enter our homes and enterprises in a big way – wireless simply does not have the bandwidth to meet a large number of high-bandwidth users when the base-stations are less-than-half-to-a-kilometre away.
What this means is that to make these ultra-broadbands work, the technology enters your houses, your office, and everything in between.
So, you are exposing every piece of data and meta-data to the Chinese, which is quite a shame.
Imagine what one can do with such a scenario and that is why the US rightfully raises questions about restricting Chinese entry into 5G – it is more than just technological superiority and business; it clearly is a security challenge.
One would argue that data may still be encrypted for transactions etc, but the fact of the matter is that given access to handhelds, and given the ability to sniff into your home, office and wherever, a Chinese vendor does have monstrous access to you and your information.
Having Chinese apps makes the situation even worse, because these apps have access to your raw data.
One of the use cases for 5G is IoT (Internet of Things) in some rudimentary form – which means that the vendor can manipulate your home, office and all other public appliances at will, without even having to hack into “your” network – all he has to do is provision a "feature" that will do the work for him.
Chinese vendors often say that they are willing to give us their equipment code for testing. Testing a million+ lines of Chinese documented code, without support, manuals written in Chinese implies this is not even remotely possible.
Chinese vendors often approach Indian institutes, for setting up collaborations and labs, with the only goal of gaining legitimacy and approval.
Letting Chinese into a 5G network, is welcoming economic slavery 2.0.
The East India Company had to actually come here to rule us; with Chinese gear in our 5G networks, they don’t even have to come – just translate the manuals for us to install and provision their equipment.
They will manage us from Beijing, Shanghai or Schenzen – of course via a whole lot of proxy servers!
How particularly is 5G different?
The emerging 5G is not just a communication technology, it is going to be a way of life. And getting the only non-democratic P-5 country, which by the way is also opposed to you, and with whom we fought and lost a territorial war is really going to change our way of life.
Imagine an attack where all your information is misused, over time, draining you, causing outages, creating hurdles, all without even crossing the border.
In 5G, content plays a significantly prominent role.
For example, most of 5G is going to rely on multi-access edge computing (MEC), which means data processing in the edge of the network, which means that apart from the handhelds, core routers and servers are potentially risky.
MEC is a key source and if all the devices are from an adversary country, then this is a serious problem as everything can be controlled through the networks.
Managing and mitigating attacks in such a multi-domain 5G scenario with edge computing is a security nightmare. Security now is into consumer data, industry 4.0, IoT etc.
5G working group particularly specifies that trustworthiness among users cannot be taken for granted. This is hence the right time to ban the Chinese companies, if not now, it will be too late.
What can be done?
Break the solution into pieces, let each piece be done by a different vendor and integrate them using home-grown technology.
The key is to have scalable home-grown software to integrate the different pieces.
Apart from indigenous integration it is important that the end-user devices must not be Chinese – the core is already Chinese, which means that as long as the end user devices are able to encrypt data, at least some sort of short-term protection is possible.
Of course, we must purge the core of the red stars as soon as possible.
We have to have a way towards completely indigenous routers and switches in the access and core of the network.
We must use our incredible software expertise to provide scalable software fabric to run, manage and provision the underlying telecom gear.
Use equipment from a vendor in patches, sew them together with your own software (scalability of software is the key) and that is a short-term workaround till you are swadeshi-ready. Keep the data as low as possible in the stack, ideally Optical+SDN only.
That way, we will have safety, scalability and security.