CHINESE-MADE COMPONENTS IN DEVICES CERTI-fied for use on a federally managed public safety network are designed to be able to send information to servers in China and it’s not clear how effective security measures to prevent that are, according to engineers and industry sources with knowledge of the equipment who spoke to Newsweek. The components, or cellular internet modules, are generally used to connect objects, from cars to medical equipment to refrigerators, to the internet.
The ubiquity of Chinese cellular internet modules in these and other devices in the so-called Internet of Things (IoT) has prompted concerns in Congress, including an August 7 letter from the House Select Committee on Strategic Competition between the U.S. and the Chinese Communist Party urging regulators to address the potential security risk.
“Using these modules may create a back door for malign Chinese government actors to access and potentially cripple first-response devices,” Select Committee Chairman Republican Rep. Mike Gallagher of Wisconsin, tells Newsweek. He adds, “It’s just common sense: American critical infrastructure must not be dependent upon CCP [Chinese Communist Party] technology.” The letter was also signed by the committee’s ranking Democrat, Illinois Rep. Raja Krishnamoorthi.
Officials from the FirstNet Authority, the federal agency that manages the emergency network, tell Newsweek that Chinese modules are used in devices certified for their system, but say their testing and other measures keep them secure. Security experts and former officials say they are much less confident.
The House committee’s letter urges the Federal Communications Commission (FCC) to use the same tools Congress gave it to keep the commission will “closely review the Committee’s letter,” adding, “We take very seriously the security of U.S. networks and equipment. We have taken strong actions on a bipartisan basis to remove untrustworthy equipment and network operators from U.S. networks.”