WASHINGTON — U.S. President Donald Trump on Wednesday signed an executive order laying the groundwork to block Chinese telecommunications companies like Huawei from selling equipment in the U.S., a move aimed at neutralizing Beijings ability to compromise next-generation wireless networks and U.S. computer systems.
The order prohibits the purchase or use of any communications technology produced by entities controlled by “a foreign adversary” and likely to create an “undue risk of sabotage” of U.S. communications systems or “catastrophic effects” to U.S. infrastructure.
The Commerce Department has 150 days to produce rules that can identify “particular countries or persons” as foreign adversaries. Those rules are almost certain to name China, Huawei, or both.
“Foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services,” Trump said in his executive order, “in order to commit malicious cyber-enabled actions, including economic and industrial espionage against the United States and its people.”
The order is sure to raise Beijings ire at a time when the worlds two largest economies are struggling to resolve a market-shaking trade war. The directive also comes as the Justice Department seeks the extradition from Canada of a Huawei executive charged with violating sanctions on Iran.
Trumps long-awaited executive order invokes the International Emergency Economic Powers Act and declares a national emergency to empower the government to block the purchase of technology linked to foreign adversaries.
The order declares that “the unrestricted acquisition or use” of such technology “augments the ability of foreign adversaries to create and exploit vulnerabilities” in U.S. infrastructure “and thereby constitutes an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.”
As POLITICO reported in February, the White House initially planned for Trump to sign the order that month before a major wireless industry conference in Barcelona. The move would have buttressed the Trump administrations argument that U.S. allies should not let Chinese firms build and operate the 5G networks that will soon power cellphones and the growing ecosystem of internet-connected devices.
The order was delayed, however, after Trump indicated his displeasure with it and after he extended the deadline for trade negotiations with Beijing. Administration officials did not want the order to disrupt the trade talks, sources said.
But the apparent breakdown of those talks this week opened the door for the executive order, according to a former Trump transition official who requested anonymity to speak candidly.
“The Administration has no qualms about poking the Chinese this week compared to the weeks and months prior,” this person said.
In addition to the Commerce-led process of identifying foreign adversaries and promulgating rules to block purchases, the order requires the Office of the Director of National Intelligence to assess threats from dangerous technology and produce an initial report on them within 40 days. It also requires DHS to produce annual reports on communications technology that presents security vulnerabilities, with the first report coming within 80 days.
The order authorizing a telecom ban is the latest salvo in a broad campaign to combat what U.S. officials call Chinas unfair and disruptive practices. While Trumps trade war has dominated the headlines, his administration has been pursuing a parallel campaign to disrupt Chinese cyber espionage, which since the early 2000s has led to staggering amounts of intellectual property theft and the most devastating counterintelligence breach in U.S. history, the hacking of more than 20 million peoples highly sensitive background documents from the Office of Personnel Management.
Most of the governments law enforcement actions have focused on trade-secrets theft. In December, the Justice Department brought indictments against two Chinese hackers on charges of running a decade-long economic espionage campaign. Chinese operatives allegedly stole hundreds of gigabytes of data from U.S. businesses and government agencies during that campaign.
But Wednesdays executive order, which languished for months after passing an interagency review, responds to a different concern.
The directive is part of a government-wide effort to grapple with the threats that foreign governments pose to the U.S. “supply chain,” the massive, convoluted and often opaque web of firms that produce goods and services for American companies and government agencies.
As globalization transformed how and where companies made their products, it created new security risks as governments struggled to identify the sources of components used in sensitive technology. And the increasing awareness of these vulnerabilities has opened new fronts in how the government approaches cybersecurity.
In the wake of embarrassing data breaches, government agencies have focused on simple solutions like multi-factor authentication — which requires a temporary code in addition to a standard password to access an account — and diligent patching of software flaws. But experts say that until the government can fully map out who is producing its hardware and software, there remains a more pernicious risk of stealthy technological tampering by advanced adversaries like China and Russia.
As a result, securing the U.S. supply chain has become a top priority for the federal government in recent years. Complementary activities are underway at the Pentagon, the Department of Homeland Security, the Federal Energy Regulatory Commission, the telecom agency NTIA and the technical standards agency NIST. And a law signed in December created a multi-agency council to consider proposals to ban risky technology from government networks.
New procurement rules will apply tighter cybersecurity standards to contractors in an effort to close vulnerabilities in that part of the governments acquisition process. Regulators are working on a rule to ban Huawei and ZTE products from government networks; a similar rule targeting the Russian cybersecurity firm Kaspersky Lab took effect in July. And a House panel is considering how best to prevent vulnerable telecom equipment from rRead More – Source