Huawei ‘a significant long-term security risk’, NCSC says
A long-awaited report from the National Cyber Security Centre (NCSC) into Chinese telecoms firm Huawei has concluded that the hardware manufacturer poses a serious long-term threat to the security of the UK's communications networks.
Huawei has been under scrutiny for some time as questions have been raised about its links to the Chinese government, with countries including the US and New Zealand already placing restrictions on what business the company is allowed to do in those nations.
Some security experts have urged the UK to follow suit, and the new report from NCSC may well give them more ammunition after it highlighted major shortcomings with Huawei's security efforts and noted it can provide "only limited assurance that the long-term security risks can be managed in the Huawei equipment currently deployed in the UK".
While some commentators have speculated that the firm's close relationship with the Chinese government could result in it being used to spy on the UK's communications, the NCSC's report did not find any evidence that Huawei is deliberately adding backdoors or other workarounds that would allow it to carry out espionage.
Rather, the NCSC's concerns surrounded poor security practices at the firm that lead to critical vulnerabilities that pose serious security risks.
It noted there are "significant technical issues" in the firm's engineering processes that will bring "significantly increased risk to UK operators".
"No material progress has been made by Huawei in the remediation of the issues reported last year," the report goes on to state, adding: "It will be difficult to appropriately risk manage future products in the context of UK deployments, until Huawei's software engineering and cyber-security processes are remediated."
Several companies have already warned that an outright ban on the use of Huawei's equipment in the UK would significantly harm the rollout of 5G services, as Huawei is one of the key manufacturers providing hardware for antenna masts and other vital infrastructure.
Responding to the report, Huawei said it took the concerns raised by NCSC "very seriously", and highlighted plans to invest up to $2 billion (£1.52 billion) in improving its capabilities. It also said it would continue to work with UK operators and the NCSC to meet their requirements.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.