Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

As US Pushes to Ban Huawei, UK Considers Softer Approach

Britain can handle the security risks involved with using mobile networks made by China’s Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants.

Britain can handle the security risks involved with using mobile networks made by China’s Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants.

Ciaran Martin, the CEO of the U.K. National Cyber Security Centre, said it was important to have “sustainable diversity” in the supply of telecommunications equipment. He added that his agency could handle the challenges involved in monitoring suppliers who many not be considered trustworthy — a hint at Huawei.

Huawei, the world’s biggest maker of switching gear for phone and internet companies, has faced rising scrutiny over U.S. allegations that it could be forced by the Chinese government to provide access to consumer data on its networks.

As countries roll out new high speed fifth generation, or 5G, mobile networks, they are seeking suppliers and the issue of whether to ban Huawei has become a heated debate.

Some frame it as a cold evaluation of the technical risks. Others see it as part of a broader tussle between the U.S. and China for technological dominance. The U.S. has effectively blocked Huawei for years and is accusing China of stealing technology from foreign companies.

U.S. government officials including Vice President Mike Pence publicly warned European allies against using Huawei during a visit last week.

Authorities and telecom operators in countries such as Germany, Norway and the Czech Republic have been reassessing Huawei’s role in 5G networks while Australia, New Zealand and Japan have already moved to curb the use of its gear to varying degrees.

Experts say Huawei networks are generally cheaper than those of competitors and are of a high quality, making it a difficult decision for governments and telecom operators to shun the supplier altogether. Banning Huawei could also delay the rollout of 5G networks, which are considered necessary for the next generation of internet-connected things, from self-driving cars to smart factories.

The British government is due to complete a review of its policies on the safety of 5G in March or April.

Martin said no decisions have yet been made and “everything is on the table.”

Since 2010, the British government has operated a cybersecurity evaluation center for Huawei equipment, which Martin said was part of “the toughest and most rigorous oversight regime in the world” for the company.

“And it is proving its worth,” he said, according to a transcript of a speech he gave at a conference in Brussels.

The cybersecurity center in July identified technical issues in Huawei’s engineering processes that could make it less safe. Huawei said last month that it would take three to five years to fix the problems.

Martin said the issues his agency identified relate to cybersecurity standards and are “not indicators of hostile activity by China.” He told reporters that mistakes in software are the biggest issue for cybersecurity, more so than the risk of a foreign government getting backdoor access.

Huawei competes with a few big rivals, notably Finland’s Nokia and Sweden’s Ericsson, to supply equipment for 5G networks.

Martin said it’s important not to let the telecom equipment supplier market shrink too much.

“Any company in an excessively dominant market position will not be incentivized to take cybersecurity seriously,” Martin said, adding that such a company could be a “prime target for attack for the globe’s most potent cyber attackers.”

In a sign of Britain’s division over 5G, a security think tank warned the same day against using Huawei gear.

“Allowing Huawei’s participation is at best naive, at worst irresponsible,” the Royal United Services Institute said in a report, which cited factors including the difficulty of finding hidden “back doors” in software.

Germany is still undecided on what to do. It has made clear it doesn’t plan to explicitly bar any single manufacturer, though that leaves open the possibility it could frame system requirements in a way that effectively excludes Huawei.

Officials are wary of the security issues that could arise with Chinese involvement, and the German Interior Ministry said Wednesday that internal discussions were still ongoing on how to proceed.

“A direct exclusion of a particular manufacturer from the 5G expansion is at the time not legally possible and also not planned,” the Interior Ministry told The Associated Press. “For the Interior Ministry the focus is on adapting the security requirements of the telecommunications network in such a way that the security of the network remains guaranteed, including from possibly non-trustworthy manufacturers.”

The ministry said for that to be ensured, the requirements must be anchored in Germany’s telecommunications law and discussions on how to do that are currently ongoing.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...