Britain’s National Security Council, which is chaired by Prime Minister Theresa May, will allow the Huawei to help build “non-core” parts of the country’s 5G network, such as antennas, it was revealed by the Daily Telegraph on Tuesday. The move came after repeated warnings by the United States concerning the security threat posed by the company, which is aligned with the Chinese government.
British Oversight Board Casts Doubts on Huawei 5G Equipment Security
The Prime Minister’s decision comes less than a month after the Britain’s Huawei Cyber Security Evaluation Centre (HCSEC) oversight board declared in a report that it has no confidence in the Chinese 5G manufacturer.
“HCSEC’s work continues to identify significant, concerning issues in Huawei’s approach to software development bringing significantly increased risk to UK operators, which requires ongoing management and mitigation,” the fifth annual report from HCSEC reads.
The HCSEC facility in Banbury, Oxfordshire, belongs to Huawei Technologies (UK), which was set up eight years ago to evaluate the security for a range of Huawei products used in the UK. The oversight board is supposed to ensure the independence and competence of the HCSEC.
“The oversight board states only that Huawei’s development and support processes are not currently conducive to long-term security risk management and, at present, the oversight board has seen nothing to give confidence in Huawei’s capacity to fix this,” the report said.
European Union Takes on 5G Security
In view of the turmoil Huawei’s perceived security risk is causing European countries, the European Union (EU) decided to get involved. A political and economic union of 28 states, the EU called for action at the national, as well as European, levels to ensure cybersecurity. The EU called upon each member state to complete a 5G network risk assessment by the end of June 2019.
“Member states have expressed concerns about potential security risks related to 5G networks and have been exploring or taking measures to address these risks, as well as stating that they were looking forward to a common approach at the EU level,” the European Commission, an institution of the EU, said in a March 26 statement.
The national risk assessments will consider various risk factors, such as technical risks and risks linked to the behavior of suppliers or operators, including those from other countries[O1] . At the EU level, member states will be able exchange information on cybersecurity and receive the support of the EU agency for cybersecurity, the European Union Agency for Network and Information Security. Together they will complete a coordinated risk assessment by October 2019.
Action on cybersecurity in 5G networks must be addressed, according to the European Commission, because of the interconnected nature of the wireless networks, the cross-border nature of the threats and the rising technological presence of China.
“Any vulnerability in 5G networks could be exploited in order to compromise such systems and digital infrastructure – potentially causing very serious damage or in order to conduct large-scale data theft or espionage,” the European Commission said. “The dependence of many critical services on 5G networks would make the consequences of systemic and widespread disruption particularly serious. This justifies the need for a robust risk-based approach, rather than one relying primarily on ex-post mitigation measures.”
Fears of Huawei Remain
Nevertheless, the United States and other countries fear that Huawei is capable of installing backdoors in its wireless networks that can funnel information back to Beijing. And the Chinese appear quite willing to harvest that information. A few years ago, in one of its five-year plans, the Chinese government openly admitted that it wanted to dominate the world’s telecom equipment supply, and it would support its companies to do that. Not coincidently, the Chinese government funds Huawei and ZTE. As a result, the United States has called on its allies to ban Huawei with varying degrees of success.
Some have listened to the warnings of the United States. Japan, New Zealand and Australia are all in the win column for the United States, with their own Huawei bans. France is considering putting Huawei equipment on its “high-alert” list. Last December, the Czech Republic’s cybersecurity agency issued security warnings against Huawei’s equipment. But that number does not seem to be growing.