‘British intelligence service finds the risk of 5G equipment Huawei manageable’
A British intelligence agency would find that the risk of using Huawei’s 5G equipment can be limited. The Financial Times reports this on the basis of two anonymous sources.
According to the Financial Times, the NCSC, part of the GCHQ, has ruled that there are ways to mitigate the risks of using Huawei network equipment. The report has not yet been published. The magazine has spoken to two anonymous sources ‘who are familiar with the conclusion’. Responding to the FT, the NCSC said it has “unique overview and insight” of the Chinese company and expects Huawei to address technical and security concerns raised in an earlier report.
In that report, an annual report from the Huawei Cyber Security Evaluation Center Oversight Board, the NCSC says it has less confidence in the security that Huawei offers in the long term on a technical level, such as with support. “This is due to the repeated discovery of critical shortcomings in the way of working. Those shortcomings will increase risks in the UK in the long run. Significant work is needed to manage these risks.”
The report, published in the summer of 2018, identifies two critical shortcomings, relating to software and support. The latter is about third-party parts that are nearing the end of support, while the Huawei product containing the part has a longer support period. According to the HCsec, it is a significant risk to the UK telecom industry if Huawei and the component builders are unable to provide long-term support for the components.
According to the FT article, the United States warns against using Huawei equipment because the risk is too high due to the speed and military applications of 5G. According to the Americans, Huawei can use malicious software updates to facilitate espionage, but evidence for this does not appear to be available yet, at least not publicly. Several countries are following the advice of the US.