US officials issue the UK with a dossier highlighting Huawei 5G risks
Officials from the US have issued Downing Street highlighting the risks of allowing Huawei to have involvement in national 5G networks.
The US has long taken a wary stance of Chinese telecoms equipment over concerns of state control and potential surveillance. With 5G set to be used for more critical infrastructure, the US has increased pressure on its allies to block Huawei equipment in particular.
Huawei has a reputation for innovative equipment at cost effective prices. With around 35.3 percent global market share, the company is the world’s most popular vendor. Many operators have already begun their 5G rollouts using Huawei equipment; including all four of the UK’s major telcos.
Andrew Stark, cybersecurity director at Red Mosquito, said:
“With Huawei kit already integral to the UK 3G and 4G networks, shifting to 5G with them offers the path of least resistance and increases chances of telecom companies meeting tight roll-out targets. There are currently only two other tech players capable of providing hardware for 5G, namely Nokia and Ericsson.
The problem lies with the fact that the hardware concerned offers the ability to carry out deep packet inspection which allows network data to be read and analyzed for security purposes. Theoretically, there is a risk that a hardware provider could easily intercept this data and 'spy' on 5G communications and, it is also worth noting that that Huawei technology already empowers governments across the globe to eavesdrop on their own networks.
Due to its mistrust of the Chinese government and, despite being a private company, the US essentially treats Huawei as state-run and therefore a security risk. By proxy, any other country that uses Huawei 5G hardware may also represent a security risk if data is being shared.”
A US delegation, led by deputy National Security Adviser Matt Pottinger, met UK officials in London on Monday and handed over a dossier to its "Five Eyes" intelligence partner which reportedly challenges the assessment of British intelligence services that Huawei equipment can be used in 5G without risking national security.
The UK has always taken a cautious but otherwise welcoming approach to Huawei. A dedicated Huawei Cyber Security Evaluation Centre (HCSEC) was established in 2010 to check all equipment for potential threats prior to their use in networks.
HCSEC consistently reported it was able to offer assurance that risks posed by the use of Huawei's equipment could be mitigated until last year.
"Identification of shortcomings in Huawei's engineering processes have exposed new risks in the UK telecommunication networks and long-term challenges in mitigation and management," officials said in the report.
Concerns were raised about technical issues limiting security researchers' ability to check internal product code and the sourcing of components from outside suppliers which are used in Huawei's products.
Huawei welcomed the report and said it proved that HCSEC was working. The company said it was committed to addressing the issues highlighted.
However, a follow up report from HCSEC in March slammed Huawei as being slow to address concerns and claimed that “no material progress has been made by Huawei in the remediation of the issues reported last year, making it inappropriate to change the level of assurance from last year or to make any comment on potential future levels of assurance.”
Even more concerning is that HCSEC’s report highlighted that further significant technical issues have been identified which pose new risks to UK telecoms networks.
“HCSEC's work has continued to identify concerning issues in Huawei’s approach to software development bringing significantly increased risk to UK operators which requires ongoing management and mitigation,” the report stated.
In February, the Royal United Services Institute (RUSI) – the world's oldest independent think tank on international defence and security – warned that allowing Huawei to participate in 5G would be "naive" and "irresponsible".
“It is far easier to place a hidden backdoor inside a system than it is to find one," the RUSI wrote in their report. "In the likely, but unacknowledged, battle between Chinese cyber attackers and the UK’s Huawei Cyber Security Evaluation Centre, the advantage and overwhelming resources lie with the former."
Conservative MP Bob Seely said "to all intents and purposes [Huawei] is part of the Chinese state" and involving the company would be "to allow China and its agencies access to our network.''
Huawei has repeatedly denied the allegations that it poses a security threat and claims Beijing has no influence over its operations.
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, Cyber Security & Cloud Expo and 5G Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » Ofcom reiterates that 5G is safe following attacks on engineers and mobile towers
- » HPE launches Open Distributed Infrastructure Management initiative
- » British internet providers commit to measures helping people isolate
- » Satellite internet firm OneWeb files for Chapter 11 bankruptcy
- » All of the UK's operators report issues, just as people are asked to work remotely