The Real Reason Why Symantec Sold Its Interest in Huawei Symantec

Finally the truth about why Symantec CEO Enrique Salem decided to sell Symantec's share of the Huawei Symantec joint venture is out, thanks to the New York Times:

Less than four years after Huawei Technologies and Symantec teamed up to develop computer network security products, the joint venture is being dismantled because Symantec feared the alliance with the Chinese company would prevent it from obtaining United States government classified information about cyberthreats.

However I'd like to point out that I called this on November 15th, 2011 in this blog post where I wrote:

My question is, what happened between May and October to make CEO Salem change his mind?
Could it have been this Washington Times article last August about how four Senators and a Congressman were asking the Departments of Defense and Energy to look into the sale of H-S parts to a government research lab at the University of Tennessee? Or perhaps it was the release of an Open Source Center report on Huawei's Chairwoman Sun YaFang's past with the equivalent of China's CIA, the Ministry of State Security?
Or perhaps it was that the ludicrous nature of the relationship between a Chinese company with State affiliations and a security company who's supposed to protect their customers from espionage activities from that same State finally sunk in to Salem's brain?  No, it probably wasn't that.

And while the joint venture may be over, remember that a lot of Huawei equipment has already been sold to the U.S. government including DOD and NASA by Huawei Symantec through channel partners like MPAK and Dell Force 10 Networks. To make matters worse, no one is testing for backdoors in firmware updates to any of the hardware manufactured in China; not just Huawei but Dell's servers as well.

Add to Cart View detail

Symantec Still Selling Huawei Equipment - to the Dept of Defense

A November 17, 2011 article in Channelnomics states that "Symantec may have ended its experiment as a hardware manufacturer by selling its stake in its joint venture with Huawei Technologies, but Big Yellow remains committed to developing appliance-based backup solutions and will continue to contract with Huawei and Huawei Symantec as a hardware supplier (emphasis added). In a letter to partners, North America channel chief Randy Cochran says the contract manufacturing relationship between Symantec and Huawei will remain unaffected, as will Symantec’s commitment to marketing and developing appliance-based solutions."

So one of the world's largest security companies continues to partner with the very Chinese company that most of Symantec's customers are buying their systems to protect against. That displays a level of hypocrisy that I have no tolerance for.

Even worse, as General James Cartwright and others in the U.S. government rail against China, the Department of Defense, Boeing, Lockheed Martin and CSC are all buying Huawei Symantec hardware according to one Huawei Symantec channel partner that I spoke with privately. If Rep. Rogers makes good on his promise to hold hearings on Huawei and ZTE, I hope that he investigates who in the U.S. government and the Defense Industrial Base are buying Huawei Symantec products, which are all made by Huawei in China.

Add to Cart View detail

Who's Selling Huawei Products To The U.S. Government?

The House Permanent Select Committee on Intelligence recently announced that it would be conducting an investigation into whether the expansion of Chinese telecommunications companies Huawei and ZTE into the U.S. represents a threat to national security. I'm in favor of the investigation and in my opinion, one of the things that the Committee should investigate is the Huawei Symantec (HS) joint venture and its "Wingmen"; i.e., U.S. companies that have signed up as partners to sell Huawei Symantec products to the U.S. government and associated entities. Symantec has recently announced that it's selling its 49% share of the joint venture to Huawei however that raises the question of who will be servicing those accounts. It seems to me that it'll be Huawei by default. At least two of those wingmen are Dell's Force 10 Networks and MPak Technologies who recently won a contract with the University of Tennessee SimCenter which, in turn, caused several U.S. Senators to ask the Departments of Energy and Defense to investigate the reasons for the sale.

MPak Technologies Founder and President Mike Kornblum has openly said that "the performance of the Huawei Symantec hardware combined with Symantec software helped Mpak win deals with the U.S. government and a large contract at the University of Tennessee SimCenter: National Center for Computational Engineering." Personally, I'd love to know who in the U.S. government has paid Mpak for equipment made by Huawei and sold by Huawei Symantec through its U.S. partner MPak Technologies. The same with Force 10 Networks and HS other "wingmen". The House Intelligence committee should as well.

Related Posts:
Symantec Sells Its Stake In Huawei-Symantec Joint Venture
Huawei's Chairwoman Worked For Chinese Intelligence Before Joining Huawei
Here are the Facts about Huawei and the Chinese Government
Taia Global's Report On Huawei's Bank Loan Controversy
Huawei Symantec Hardware Powers U.S. Critical Technology Research
Symantec CEO Salem Needs To Get His Priorities Straight
Look Out Azure and EC2, Here Comes The Huawei Cloud Service
The Cyprus-Vienna Connection In Huawei Bribery Case

Add to Cart View detail

Symantec Sells Its Stake In Huawei-Symantec Joint Venture

Huawei just announced that it's buying Symantec's interest in their joint venture Huawei-Symantec (HS). This is a very interesting turn of developments for a joint venture that I've been railing against for most of 2011. Six months ago, Symantec CEO Enrique Salem said he either wanted to increase Symantec's stake in HS or sell shares to the public via an IPO. Then in October, he added the additional option that Huawei may buy Symantec's shares. Today, that's precisely what happened. My question is, what happened between May and October to make CEO Salem change his mind?

Could it have been this Washington Times article last August about how four Senators and a Congressman were asking the Departments of Defense and Energy to look into the sale of H-S parts to a government research lab at the University of Tennessee? Or perhaps it was the release of an Open Source Center report on Huawei's Chairwoman Sun YaFang's past with the equivalent of China's CIA, the Ministry of State Security?

Or perhaps it was that the ludicrous nature of the relationship between a Chinese company with State affiliations and a security company who's supposed to protect their customers from espionage activities from that same State finally sunk in to Salem's brain?  No, it probably wasn't that.

Add to Cart View detail

Cyber Profiteering: Profits Over Ethics

Profiteering is what happens when a business takes advantage of an emergency or a shortage to boost their prices. The Iraq war had its war profiteers like Haliburton/KBR and many others. The same thing is happening today during the "cyberwar" gold rush. Two recent examples are Gunter Ollman's article "Sinkholing for Profit" and Brian Krebs' article "Chasing APT: Persistance Pays Off". Krebs should have underscored the word "Pays" in the title because the article describes something akin to ambulance chasing. A cybersecurity firm Cyber ESI uses proprietary techniques (perhaps similar to what Ollman describes in his article) to identify corporate victims, then contacts them and tries to sell them remediation services at a high price. Unlike Krebs' article, Ollman didn't provide any names but thanks to Anonymous and the AntiSec movement, at least two companies' profiteering activities have come to light: Unveilance and Endgame Systems.

It's no secret that corporations and governments are overwhelmed, confused, and desperately looking for solutions that will allow them to defend themselves in cyberspace. That's a perfectly understandable state for them to be in. What isn't understandable, at least to me, is the behavior of some companies seeking to make a quick buck at the expense of the very people that they're purportedly trying to help. For example, I'll never understand how Symantec can sell services to protect their customers against IP theft from China while at the same time be profiting from a joint venture with Huawei, a Chinese company with clear ties to the Chinese government.

Profit with no ethics is what brought us to the point that we're at today; the Occupy movement being just the beginning. If things don't change in the "Cyber Industrial Complex"(CIC) soon, there will almost certainly be a backlash. Fortunately, this level of greed hasn't infected the entire industry. I personally know dozens of infosec companies that profit by putting their customer first; by providing a fair service at a fair price and getting paid for results. If CIC CEO's don't adopt an ethical pricing model and business practices on their own, then their customers should do it for them. C-level executives at victim corporations need to educate themselves about the realities of information security and network defense because cyber profiteers count on two things to win a customer: ignorance and fear. Becoming smarter about information security will save you money and improve your company's profitability instead of the other guy's.

Add to Cart View detail

Huawei Under Investigation For Fraudulent Bank Loans To Its Employees

According to this article in the Philippine Star, the China Audit Commission and the China Banking Regulatory Commission ordered four banks to withdraw their loans to Huawei employees after discovering that the company forced employees to take loans in order to buy Huawei shares. By doing this, Huawei's leadership was able to bypass laws requiring that such fund raising be publicly listed and supervised by the government. The benefit to Huawei was that this practice, rumored to have been going on for four years, would show the illusion of financial strength thus enabling it to secure larger credit lines with better terms. Larger credit lines also helps the company beat it's competitors by offering rock-bottom prices on its hardware that no one else can afford to match; the most recent example being the sale of Huawei-Symantec hardware to the University of Tennessee Sim Center.

This story was also covered in China Business Daily, which states that wrong-doing on the part of Huawei may include the fabrication of contracts. Earlier this year, Huawei was involved in a bribery scandal in Austria. In spite of the past government affiliations of two of two its senior leaders, and these allegations of financial wrong-doing, Huawei has managed to hire John Suffolk the former CIO for the British government and John Bellinger, former chief attorney at the U.S. State Department. Then there's  William Plummer - Huawei's mouthpiece on Capital Hill who claims that any ties between Huawei and the Chinese government are either invented by its critics or stem from a mistake in a 2001 Wall Street Journal Asia article.

Finally, and worst of all in my opinion, is the fact that Symantec's board of directors had approved forming a joint venture with Huawei in 2008 and remains eager to increase their profit margins with a possible IPO this year. How can anybody take Symantec seriously when it sells security solutions to companies being attacked by China (among other states) while at the same is in bed with a company so closely allied with the Chinese government?

Add to Cart View detail

Huawei Symantec Hardware Powers U.S. Critical Technology Research

Huawei Symantec, a joint venture between China's national champion firm Huawei Technologies and U.S. security giant Symantec, has secured its first high performance storage cluster win - the University of Tennessee's National Center for Computational Engineering. Huawei Symantec is 51% owned by Huawei and they defeated U.S. firms NetApp, EMC, and BlueArc among others for the UT sale. Well, not exactly Huawei Symantec directly. It was their channel partner MPAK Technology out of San Diego who made the sale. This has been Huawei's strategy ever since it became clear that the U.S. government wasn't going to cave in on its security concerns as easily as the U.K. government did. Rather than trying to sell direct, it has established partnerships with U.S. companies like MPAK and Force 10 Networks to do it for them. What will their equipment be used for? This is from UT's website:

The SimCenter: National Center for Computational Engineering is a center for integrated research and education whose primary goals are to establish next-generation technologies in computational modeling, simulation and design, to educate a new breed of interdisciplinary computational engineer who can solve a broad range of real-world engineering problems, and to provide consequent leadership and national impact in critical technology areas affecting defense, sustainable energy, environment, and health.

Huawei priced themselves far below their competition and the University went with the lowest bidder. Did national security concerns factor in to the decision? I've sent the university an email with that very question. If they respond, I'll post it here. My guess is that security wasn't a factor at all.

Related Posts:
China's Silent Cyber Takeover
Symantec CEO Salem Needs To Get His Priorities Straight

Add to Cart View detail

Symantec CEO Salem Needs To Get His Priorities Straight

I just read that Symantec (NYSE: SYMC) CEO Enrique Salem wants to either increase Symantec's stake in Symantec Huawei Technologies Co. Ltd. or sell shares to the public through an IPO, with a decision to be made by year's end. It's bad enough that the joint venture was formed in the first place. Why Mr. Salem would think that a leading U.S. security software company should form a business partnership with a Chinese company with strong ties to the State Council and Peoples Liberation Army is beyond me; particularly when the U.S. government has been so resistant to agreeing to Huawei's attempts to acquire U.S. companies or to buy Huawei products.

There's no lack of information about the Peoples Republic of China when it comes to informatized warfare, corporate espionage, technology transfer, information acquisition and processing, etc. Besides my own work on the subject, there's stellar work being done by Dr. James Mulvenon and LTC (ret) Timothy L. Thomas among others. So it can't be a question that Symantec's CEO is not aware of the problem. That leaves only two possibilities:

1. That he doesn't believe it to be true
2. That he doesn't care

If it's the former, then I'd be happy to arrange a briefing for him. If it's the latter, then I hope that he'll reconsider his obligation as a citizen of the U.S. to not engage in business practices that could negatively impact the security interests of our nation. Mr. Salem, you clearly have an obligation to your company, your board, and your shareholders to maximize profits. I hope that when you celebrate Memorial Day on May 30th, that you'll consider how to balance that obligation with the one that you owe to your country.

Add to Cart View detail

Look Out Azure and EC2, Here Comes The Huawei Cloud Service

On a recent trip to Beijing and Shanghai to attend Huawei's analyst summit, Gartner analyst Lydia Long learned that Huawei is planning to become a one-stop-shop Cloud computing provider. In other words, Huawei will not only be making network equipment, it will be developing Infrastructure-as-a-Service software (the Cloud stack) needed to provide a highly scalable public cloud like Microsoft's Azure or Amazon's EC2.

If Huawei's strategy in obtaining market share for its hardware is any indication, Microsoft, Amazon, Google, and other public and private cloud providers should prepare to have their pricing model ripped to shreds. Furthermore, the executives of companies who intend to move their data to the Cloud would be well-advised to re-think their cloud service provider requirements; moving beyond who the lowest-cost provider is to include who will add security guarantees to their Service Level Agreement. On the other hand, I'd wouldn't be surprised if Huawei took the initiative to become the first Cloud provider to revolutionize SLAs with exactly that kind of provision, considering that Huawei Symantec LLC is developing secure data storage devices for just such a service.

Huawei is not the only Chinese company that's investing heavily in the Cloud. Cloud computing has been designated a strategic technology by the PRC State Council in its 12th Five Year plan and placed under the control of the Ministry of Industry and Information Technology (MIIT). MIIT will be funding research and development for SaaS (Software as a Service), PaaS (Platform as a Service), and IaaS (Infrastructure as a Service) models as well as virtualization technology, distributed storage technology,  massive data management technology, and other unidentified core technologies.  Orient Securities LLC has predicted that by 2015, cloud computing in China will be a  1 trillion yuan market.

According to the US-China Council website, MIIT was created in 2008 and absorbed some functions from other departments including COSTIND (Commission of Science, Technology, and Industry for National Defense):

From COSTIND, MIIT will inherit functions relating to the management of the defense industry, with a scope that covers the national defense department, the China National Space Administration, and certain administrative responsibilities of other major defense-oriented state companies such as the China North Industries Co. and China State Shipbuilding Corp. MIIT will also control weapons research and production in both military establishments and dual-role corporations, as well as R&D and production relating to "defense conversion"--the conversion of military facilities to non-military use.

Beijing has a dedicated 7800 square meter industrial area called Cloud Valley which is home to ten companies focusing on various aspects of Cloud technology such as distributed data centers, cloud servers, thin terminals, cloud storage, cloud operating systems, intelligent knowledge bases, data mining systems, and cloud system integration. Clearly, the PRC has made a serious commitment to Cloud Computing for the long term. This doesn't portend well for today's private cloud service providers like NetApp or public cloud providers like Amazon, Google, and Microsoft; especially if buying decisions are made on price.

Add to Cart View detail