While U.S. Congress and President Donald Trump are in a dispute over how to penalize Chinese telecommunications firm ZTE for its shady practices, the company’s impact on U.S. consumers, especially small businesses, has already been under scrutiny at a congressional committee hearing.
On June 27, the House Select Committee on Small Business held a hearing on ZTE’s threat to American small businesses, attended by a panel of national security experts and cybersecurity firms.
Committee chairman Steve Chabot (R-Ohio) spoke of the problem that small American businesses face, of not being able to tell if a product or service was provided by a “nefarious actor” such as ZTE or Huawei, China’s other telecom giant.
FBI Director Christopher Wray, speaking at a Senate intelligence committee hearing in February, warned about the dangers of using smartphones made by ZTE or Huawei, since they provide ”the capacity to maliciously modify or steal information” and “conduct undetected espionage,” according to CNet.
“When we talk about existential threats to national security—and that is what ZTE is—it is the federal government’s job to protect Americans and American small businesses,” said Chabot.
Small manufacturers are the backbone of the U.S. economy. According to 2015 U.S. census data, 98.5 percent of all 251,744 firms in the U.S. manufacturing sector have less than 500 employees; 75 percent of them have less than 20 employees. The U.S. manufacturing sector contributed $2.25 trillion to the country’s economy in 2016, making it about the size of the ninth-largest economy in the world
Andy Keiser, a visiting fellow from the National Security Institute at the Antonin Scalia Law School at George Mason University, said the threat of ZTE and Huawei was revealed in an incident involving a Michigan company.
The company had approached the chairman of the House intelligence committee, Mike Rogers, with concerns about how the Chinese telecom giants were outbidding local companies in building cellular telephone towers in rural parts of Michigan. ZTE and Huawei’s bidding price was lower than the construction materials needed to build the towers.
The Chinese companies were not motivated by making profits, according to Keiser. “It is being done to harness the ability to collect vast quantities of information and to create leverage against adversaries in a potential conflict,” he said.
By infiltrating “our U.S. telecommunications backbone,” the Chinese companies could “incapacitate critical infrastructure” such as the electric grid, Keiser said.
David Linger, president and CEO of TechSolve, a consulting firm based in Cincinnati, Ohio, that serves industries such as aerospace and defense, spoke about how small companies are more vulnerable to being put out of business by cyber-attacks.
Linger pointed to research by the National Cyber Security Alliance that shows that of all global "internet of things" (IoT) attacks in 2016 to 2017, 21 percent originated from China, making it the top country of origin for such attacks.
Cincinnati Crane, an Ohio company that offers crane system solutions, had to lay off four employees, Linger said, after the company suffered huge financial losses when its email system was breached. It is unclear whether the attack came from China.
The company was the victim of a phishing campaign, whereby the compromised email system sent out bogus invoices with illegitimate banking information to the company’s customers. Not knowing the invoices were fake, customers continued to make payments to the company, totaling $200,000. The attack led customers to lose trust in the company, even though Cincinnati Crane has since implemented new cybersecurity policies.
A 2017 survey by the Ohio Manufacturing Extension Partnership showed that only 12.51 percent of Ohio manufacturers understood what cybersecurity was and had measures in place to protect their IT systems.
On June 19, the U.S. Senate passed a legislative measure that prevented Trump’s deal with China to allow ZTE to buy U.S. tech parts again if the company paid a fine of $1.4 billion and agreed to inspections by a U.S. compliance team.
The export ban was imposed in April after the Chinese firm was found to have broken a penalty agreement it signed for violating sanctions against Iran. Its business operations have been suspended as a result.