U.S., EU Plan Joint Foreign Aid for Cybersecurity to Counter China

Initial projects, likely in Africa or Latin America, could be under way by the end of the year, officials said. Russia’s invasion of Ukraine has underscored the importance of supporting telecommunications networks and other hardware in countries vulnerable to nation-state cyberattacks, they said.

The EU official said that Chinese technology can come with data-security risks. Officials from EU countries and the U.S. have said that products from Huawei Technologies Co., for example, contain built-in flaws that can be used for government espionage. Huawei has said that it won’t share data with the Chinese government.

“This is very much a question of defending democracy and defending people’s rights,” the EU official added.

Discussions about funding digital infrastructure in foreign countries started through the Trade and Technology Council, a U.S.-EU forum set up last year to resolve disputes between the two jurisdictions in several policy areas.

The council held its first meeting in September in Pittsburgh, and the war in Ukraine has accelerated the talks, as officials seek to counter the influence of Russia and other authoritarian regimes. The forum helped forge ties that proved critical when the two economies joined forces to impose sanctions on Russia after it invaded Ukraine, participants said.

After a second meeting of the council in May, European Commission Executive Vice President

Margrethe Vestager

said that “Russia’s war of aggression against Ukraine has further underlined the key importance of our cooperation with the U.S. on economic and technology issues.”

A model for the U.S.-EU cyber plans could be the partnership in 2020 to build the world’s longest undersea cable off the Pacific island of Palau, a U.S. State Department official said. The U.S., Australia and Japan helped fund different parts of the $30 million project, aimed at providing secure communications networks to Palau.

Funding efforts are expected to reflect policies where American and EU views are aligned, officials said, such as efforts to avoid using technology providers that government cybersecurity experts have warned against, officials said.

The U.S. has aggressively discouraged countries from using products from Huawei in their telecoms networks. The 27 EU countries in 2020 agreed to measures for assessing spying and cybersecurity threats posed by tech providers. The European Union doesn’t have the power to require its member countries to ban a technology provider, but several countries including Sweden excluded Huawei from their 5G networks.

Telecom executives, as well as officials in the U.S. and allied countries, have said Chinese gear is often cheaper than equivalent equipment made by Huawei rivals

Ericsson

AB and

Nokia Corp.

Through the new cyber partnership, EU and U.S. companies could work with government counterparts on contract bids to compete with Huawei, for example, to build infrastructure in a foreign country, the State Department official said.

European officials are also interested in collaborating with the U.S. on building digital infrastructure in Ukraine, the official said.

The war in Ukraine “adds urgency” to the talks over infrastructure funding, according to the State Department official. Russian missiles have intermittently taken down telecommunications systems in Ukraine, and a cyberattack on Feb. 24, the day Russia’s invasion began, disabled internet connections for thousands of Ukrainians and EU residents.

Some countries, especially those with few cybersecurity professionals, have a hard time keeping infrastructure protected because equipment has to be kept up-to-date with security threats, said Julia Schuetze, a junior project director for international cybersecurity policy at Stiftung Neue Verantwortung, a think tank in Berlin.

The U.S. and European countries need to simultaneously work on helping other states develop those capabilities, instead of making a “one-time effort” to pay for infrastructure, she said. “If certain vulnerabilities aren’t patched, the infrastructure isn’t secure anymore, and can you still say it’s trustworthy or secure?”

Write to Catherine Stupp at Catherine.Stupp@wsj.com

Comments are closed.