Huawei poses security risk to UK telecoms network, British spies warn

Oversight body can provide 'only limited assurances' that telecoms equipment provided by Chinese tech giant does not compromise security

Ben Chapman
Friday 20 July 2018 10:55 BST
Comments
In 2010, the government set up an oversight group, the Huawei Cyber Security Evaluation Centre (HCSEC), in response to concerns raised by BT among others
In 2010, the government set up an oversight group, the Huawei Cyber Security Evaluation Centre (HCSEC), in response to concerns raised by BT among others (PA)

Support truly
independent journalism

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Louise Thomas

Editor

The UK telecommunications network faces security risks from equipment supplied by Chinese firm Huawei, a government report has warned.

Security services said they can provide “only limited assurances” that telecoms equipment provided by Huawei does not compromise the UK’s national security.

Huawei - the world’s largest provider of telecoms equipment - supplies broadband and mobile equipment for the UK network.

But in 2010, the government set up an oversight group, the Huawei Cyber Security Evaluation Centre (HCSEC), in response to concerns raised by BT among others. HSEC is overseen by UK security officials, including some from spy agency GCHQ.

In its fourth annual report, published this week, HCSEC’s oversight board warned that “identification of shortcomings in Huawei’s engineering processes have exposed new risks in the UK telecommunication networks and long-term challenges in mitigation and management”.

On a visit to Shenzhen last year the panel found that the company was not adequately overseeing suppliers of third party products. The board added that it was “disappointed” that only limited progress had been made in dealing with previously highlighted issues.

Concerns were strong enough for HCSEC to alert Sir Mark Sedwill, the UK’s National Security Advisor, in February and remediation work has now begun, the report said.

“This work should give us the ability to provide end-to-end assurance that the code analysed by HCSEC is the constituent code used to build the binary packages executed on the network elements in the UK.

“Until this work is completed, the Oversight Board can offer only limited assurance due to the lack of the required end-to-end traceability from source code examined by HCSEC”.

The report marks an escalation in the level of perceived threat posed by Huawei’s involvement in vital UK telecoms infrastructure. HSEC’s three previous annual reports all concluded that any risks posed to the UK's national security “had been mitigated”.

The news comes as the US ramps up its efforts to end Huawei’s involvement in its networks. In May, the Pentagon went as far as to ban phones made by the firm from being sold in shops on US military bases, saying they posed a security threat.

The Australian government has also expressed concerns and is weighing up a plan to block Huawei from providing equipment for the country’s planned 5G network.

Reuters reported that Australian intelligence agencies had raised fears that the company could be forced to hand over sensitive data to the Chinese government.

In response to the HSEC report, a spokesperson for Huawei said: “We are grateful for this feedback and are committed to addressing these issues.

“Cyber-security remains Huawei's top priority, and we will continue to actively improve our engineering processes and risk management systems.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in