Well, there was the case where the the NSA intercepted hardware shipments (I think it was Cisco HW) to install their backdoors.

I have listened tales about backdoors in unmodified Cisco switches and routers so, I expect any country can try to backdoor another.

So it's something between a slippery slope and futile attempt unless you have a multi layer security from different vendors or roll your own defenses.

Maybe they were just too cheap to buy the backdoor off the (black) market... ;)

Internet was too ethical, naive and immature when NSA did that. We were happily using unencrypted connections to connect to forums, telnet based BBSes and such.

NSA, OTOH, intercepted the switches which would isolate high security networks (red/black separation) and bleed sensitive information with these enhanced hardware.

>As a non-US citizen, how can I be sure that all non-Huawei equipment is free of back doors, data-exfiltration and forwarding capabilities excluding the lawful interception feature set?

Packet capture from the edge is where I'd start.