The US Department of Justice (DoJ) is asking the Federal Communications Commission (FCC) to revoke and terminate China Telecom (Americas) Corp's authorization to provide international telecommunications services to and from the US.
The DoJ is doing this on behalf of President Donald Trump's new Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector. This group includes the Attorney General and the Secretaries of Homeland Security and Defense. It's informally known as Team Telecom. It supervises foreign telecom FCC licenses.
Attorney General William P. Barr explained: "This is a national security and public safety issue. That's why the federal government must be vigilant and ensure that a foreign adversary cannot undermine the networks our country depends on."
Two days later, Barr asked the FCC to kick China Telecom out of the US.
Barr is asking the FCC to stop China Telecom for multiple reasons. These include:
- The evolving national security environment since 2007 and increased knowledge of the PRC's role in malicious cyber activity targeting the US;
- Concerns that China Telecom is vulnerable to exploitation, influence, and control by the PRC government;
- Inaccurate statements by China Telecom to US government authorities about where China Telecom stored its US records, raising questions about who has access to those records;
- Inaccurate public representations by China Telecom concerning its cybersecurity practices, which raise questions about China Telecom's compliance with federal and state cybersecurity and privacy laws;
- The nature of China Telecom's US operations, which provide opportunities for PRC state-actors to engage in malicious cyber activity enabling economic espionage and disruption and misrouting of US communications.
John C. Demers, Assistant Attorney General for National Security, added: "The security of our government and professional communications, as well as of our most private data, depends on our use of trusted partners from nations that share our values and our aspirations for humanity. Today's action is but our next step in ensuring the integrity of America's telecommunications systems."
In response China Telecom (Americas)'s Director of Corporate Communications Ge Yu, said, "Today, several government agencies took the procedurally unprecedented step of making allegations related to China Telecom Americas' FCC licensing. We unequivocally deny the allegations. The company has always been extremely cooperative and transparent with regulators. In many instances, we have gone beyond what has been requested to demonstrate how our business operates and serves our customers following the highest international standards. We look forward to sharing additional details to support our position and addressing any concerns."
China Telecom (Americas) parent company, China Telecom, is a state-owned company and the third latest telecommunications company in China. Americas is its largest foreign subsidiary. Telecom is also a leading 5G company.
The company has a sketchy internet security history. In 2018, China Telecom was "hijacking the vital internet backbone of western countries." The firm was accused of hijacking Border Gateway Protocol (BGP) routes. By doing so, it moved US and European traffic from their normal internet routes to paths, which took them through Chinese internet points of presence (PoP). Oracle confirmed a few weeks later that China Telecom had engaged in internet traffic "misdirection."
In 2019, China Telecom was caught red-handed using BGP to reroute a large chunk of European mobile internet traffic. At the very least, Doug Madory, director of Oracle's Internet Analysis division, said then: "China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur."
BGP is, unfortunately, all too easy to hack. The MANRS internet security effort is one of several efforts afoot to make BGP and related internet more secure. In the meantime, BGP misdirection remains a common attack.
The US government has been trying to block Chinese telecommunications companies from doing business in America as part of Trump's trade war with China for some time. For example, Trump's administration recently banned government agencies from buying Huawei and ZTE equipment. In this case, there's a history of bad behavior that needs to be addressed.
UPDATED with China Telecom response.