Time for hardtalk. Welcome to hardtalk with me, zeinab badawi. How dangerous is the superpower rivalry in technology and information . Well currently, there is much focus on the tensions between the us and china over the chinese tech giant huawei. Soon, sg networks will be of critical part of oui networks will be of critical part of our world in transportation, power supply, our world in transportation, power supply, Payment Systems and so much more. Washington says the chinese cant be trusted because they may use that Technology Infrastructure for spying. Beijing says this is nonsense. My guess is the us top official on cyber information and security, ambassador robert strayer. He is ona security, ambassador robert strayer. He is on a mission to dissuade europeans from doing business with huawei but is washington losing the cyber war . Ambassador robert strayer, welcome to hardtalk. Labour thank you for having me. What are your fears exactly about using Chinese Telecommunications technology . Well, we are very excited about the promise of 56 technology because its going to power all times of Critical Infrastructure, autonomous transportation networks, vehicles, telemedicine and traditional types of infrastructure like the delivery of infrastructure like the delivery of electric power but we are concerned that in building those networks out that a country like china because of its National Intelligence law could cause a company like huawei to take action thatis company like huawei to take action that is not in our interest or another countrys interest like in the uk. We are concerned they could use their authority over that company to cause disruption of Critical Infrastructure or the removal of data back to china. He makes a mistake once as does the us secretary of state mike pompeo when he said we are against allowing open doors for beijings s my masters. What evidence they are doing this through huawei . We know there is a tremendous number of vulnerabilities in the system is the uks own Oversight Board found for huawei, hundreds of vulnerabilities and to quote, serious and systematic defect in huaweis Cyber Security engineering and competence so there is really in effect what we could call a bug door, not bugs and vulnerabilities that one could easily take advantage. Couldnt that be said of lots of other telecommunications giants, cisco, for example, us tech giant. There is no conflation. The authority of the government and its control over a company like you would see in china, where there is a delete direction without an independent judicial review that we have in the United Kingdom and the United States. That isa kingdom and the United States. That is a fundamental difference when the entire company is in the direction of the Chinese Communist party. You know what huawei says, a spokesman for the company says huawei is an independent five he owned company that has never been involved in a Cyber Security incident in 30 years of operation. Its got about 80,000 employees who own almost 99 of the company, they say they are not being used as a backdoor for spying. Our concerns are when the time comes, if it is in chinas advantage, they will compel the company to take certain actions. There are Chinese CommunistParty Members on the board, the founder of the company is committed is loyalty to the Chinese Communist party. The founder of the company told journalists in january that no law in china requires any company to that no law in china requires any com pa ny to install that no law in china requires any company to install mandatory backdoors. It requires them to participate. A bit of tit for tat. In the end, the arbiter of that will be xijinping in the in the end, the arbiter of that will be xi jinping in the Chinese Communist party so it is not the ability of mr ren to stop the mandate. You have these concerns and you have been on various missions trying to dissuade europeans from allowing huawei another Chinese Telecommunications to be involved in the auction of 56. What are they saying . A number of governments are understanding we are on this path of education together that comes from the supply chain. Everyone knows we should increase our Cyber Security capabilities across Telecommunications Infrastructure and but they know with 56 because of what it resents, the need to be more careful about the supply chain and a number of countries are saying we will exclude huawei from the core of the infrastructure of the future. We think that is insufficient because in the future, 56, there are going to be smart components, computing throughout so no part of the network which you want to be subject to compromise by an adversarial power. What are they saying . You are saying you dont want them to do this. You are saying they are not even allowing it. But france, italy, the United Kingdom, germany, they have all said no equipment supplier including huawei may be specifically excluded from 5g auctions. They are not listening to you. They are beginning to listen. We are on a path together. What they are understanding is the potential threat from the supply chain to the future of the Critical Infrastructure they are going to be building. None of them have made final decisions in the European Commission as well as a Conference Held in prague came out with sets of intervals which said need to Pay Attention to the threat from a third country over the telecommunications vendor. That is a positive sign. They Pay Attention to that criteria and it should lead them to excluding and it should lead them to excluding a company like huawei which is under the direction of a foreign power. You said if a trusted vendor has been used by any western country, you would have to reassess the United States ability to share information with that country. Does this mean the us would not share intelligence with western allies anymore if they did use huawei . Its really a hypothetical. We have to reassess. Not really a hypothetical, given what you are saying. Its a hypothetical over how its going to be inserted into the network. Its important we protect that intelligence information. People literally die when our intelligence information is leaked out. We have a very high responsibility to make sure we dont lose control of that information. Other sensitive personal information we are sharing all the times we would have to reassess how our sharing is conducted with countries that have huawei in their 5g networks. Conducted with countries that have huawei in their 56 networksm sounds like you are almost issuing a threat to the europeans if you are to use huawei in your non core, even sg to use huawei in your non core, even 5g technology, were not going to share intelligence. That a threat. 0ur share intelligence. That a threat. Our partners like the uk, which is our closest security partners, understand we can have a frank dialogue. We want them to understand how serious this concern is to us and how important to have a reassessment of our intelligence sharing because of what we think is at stake. Have you made any progress in your talks with other members of the administration . We are going to ostracise huawei. A lot of countries are saying they dont want huawei in the core of their networks. We think it should be anywhere, that is information or the Critical Infrastructure taken down which is riding on the part of the network, evenif riding on the part of the network, even if its not considered the core anymore. What you are saying here is slightly tempered by president trump. He said this to the uk and other friends in trump. He said this to the uk and otherfriends in europe. When he visited and was asked whether he would limit the flow of us secrets over his position, he said no, because we are absolutely going to have an agreement and everything else, we have an incredible intelligence relationship and we will be able to work out any differences. I couldnt agree more. It is considered to be put on the one hand you are saying dont use it, on the other, good friends, this wont come between us. Over time with the uk we always find a way to move forward, we are the closest of partners. Where else we talked about huawei, but where are the biggest risks to Cyber Security coming from . Its quite a big field. Its not just the use of telecommunications. Telecommunications is the underlying infrastructure but as we were seeing from 2017, an increasing number of destructive cyber attacks. Two of those were in 2017, the wanna cry attack which caused systems to be locked up in the uk including Hospital Systems and we saw the russians launched the not petty attack, which was initially launched against the ukraine but affected transport net works around the world including the distribution of drugs in the United Kingdom. Those destructive and debilitating attacks cause billions of dollars of damage and that is why nationstates feel empowered to use those tools against civilian populations. The kremlin says it is not been involved in these attacks youve cited but pointing the finger at russia, is responsible . Wanna cry attack was north korea, other countries joined us north korea, other countries joined us in that attribution in the not petty attack, ten countries joined with United Kingdom in attributing that to russia so an increasing ability for us to join together among a number of like minded countries to attribute that to russia and we had an organisation for the prohibition of chemical weapons, and attack, 22 countries joined together to attributed that to russia. We saw in 2007, the Estonian Authority said that russia had launched this cyber attack which nearly shut down their systems and really debilitated them. In terms of these kind of attacks, the secretary general of nato, gens stoltenberg, said a cyber attack on a member could lead to article five being invoked. There would be response from more nato members. Hejust said that. Is that a position the us supports . It is a need wide position agreed to. If there was a cyber attack to be significant enough to be a use of force, it could trigger what they call article by which is the collective response mandate of nato. What would constitute that . Threat to life or actual life being lost . Typically under, and i dont want to get into the passing of international law, the passing of international law, the destruction of property and loss of life. Have seen a number of disruptive attacks which havent risen to the level of which we would call the use of force. That wouldnt necessarily be a military or cyber response. There are other ways we can respond about activities. Taking the example of what happened with the example of what happened with the poisoning of the skripals. The russian attack. The russian attack on the russians in salisbury, england, the skripals, that was responded to in a way that did not involve a similar manner the attack occurred. We expelled a number of their so called deployment in countries around the world in response. We could think about other responses. Like what . Non military means. The way mr stoltenberg was painting it, invoking ideas of the mutual are stored assured destruction we had in the cold war, talking about nuclear attacks. Just obliterating everybody. We are not talking about that, mad. Countries such as the us and uk adhere to Armed Conflict law where we must respond proportionally. A full range of options on the Table Including military depending on the type of attack and what it means for our societies but in between there are Law Enforcement efforts to prosecute the individuals or companies involved, sanctions can be put in place against individuals or entire sectors of economies and there are other tools that we could use to affect that country in negative ways to change their calculus, how they think about doing that kind of attack in the future. Thats part of our overall effort to have cyber deterrence in the future. Is it hypothetical or has it happened . Have you managed to prevent this type of attack happening . What weve done so far is this attribution together, eclectic action of naming and shaming which has some impact. We are seeking to build an understanding about norms of responsible state behaviour, and they should act in cyberspace, not in ways that cause damage or disruption to Critical Infrastructure so that is one of the most important normative behaviours that we want to establish. 0ver time, we can start bringing together consequences with a range of other countries against malicious state actors. You dont want to specify who, where any potential attacks where youve thwarted that youve thwarted were coming from. Weve responded to russia and chinese actors by having sanctions and indicting individuals and also iran by indicting individuals so were taken action is sending a message about the types of activity they we re about the types of activity they were undertaking. There is also a different type of warfare, Information Warfare, it doesnt rely on technical ability and im referring to the us special counsel report by robert mueller, looking at russian interference in the american president ial election in 2016 and obviously his long detailed report showed that there was, you know, you had misinformation being put out on the internet and so on. Do you think that we might see similar kind of effort in the 2020 elections . Is a lwa ys effort in the 2020 elections . Is always possible. We have to be prepared for it. And are you prepared for it. And are you prepared for it. And are you prepared for it . Yes, we think we are prepared but we know that the actors on the other side are dynamic we need to be able to respond to them so we need to keep upping our defences was not we think we were successful in 2018 in our mid term elections but we know 2020 is a different level of election with the president ial election at stake and so we need to be able to dynamically respond to the threats that we are seeing coming from adverse areas that might seek to use Information Operations against our very open societies. It comes to these kinds of Information Warfare is, the United States is also accused of also being at it. I mean, russias National Security strategy in 2015 very clearly set out in its report that it sees the United States and its allies and as as seeking to contain russia by exerting, information pressure in an increasing intensifying atmosphere. We cant draw equal footing here between the us and russia. Russias activities doing the 2610 election and the other types of online activities are quite malicious in the sense that they, in 2016, stole documents and then them through cutouts in various venues online. They have also basically used their abilities, and platforms, to leverage their message against us. We do not participate in similar kinds of activities against russia. But what do you do when you make these kinds of statements about fake news and deep fake videos and so on when you have the recent example of the speaker of the us house of representatives nancy pelosi with this fake video of her, showing her purportedly drunk while she is making a speech and it is retweeted by the president of the United States . By the president of the United States . You can retweet then, that doesnt cross any lines as far as i know and it doesnt usually indicate a support for something. He didnt mention it was a fake, though, that was the point. And so he retweeted it and when you come here as the us top official in Information Technology and so on and so forth and you say that this kind of interference we have had from writer is unacceptable and yet you have the president read tweeting a video like that, it does kind of undermine your position somewhat . that, it does kind of undermine your position somewhat . I would say is a very important distension to remember here, that was done in an open transparent way. Transparency is key. You know in that case who was re tweet in full stop in many cases of the russian involvement, in almost all cases, they did not disclose it with someone from writer seeking to influence people in the us. But when facebook itself says it doesnt have this policy that stipulates that the information you post on facebook must be true, is that acceptable . Because thats where the video was put up. There is an ongoing debate with our platforms and within our government about how we should approach Platform Companies and their duties and responsibilities and we are talking toa number of responsibilities and we are talking to a number of our partners in europe as well about this issue about what is responsible behaviour for these platforms. There has been a number of efforts, of course, to ta ke a number of efforts, of course, to take down extremist content, truly illegal content, which would include child pornography and other sources but you when you get to this other category of Incorrect Information thatis category of Incorrect Information that is in those pla