Published: Fri, March 29, 2019
Markets | By Otis Pena

Britain slams Huawei for failing to address security risks

Britain slams Huawei for failing to address security risks

In November of 2010, the Chinese networking and telecommunications giant Huawei entered into an agreement with the government of the United Kingdom to allow extensive security reviews of Huawei's hardware and software-a move meant to belay fears that the company posed a security risk to the UK's networks.

"Through heavy, consistent investment in 5G innovation, alongside large-scale commercial deployment, Huawei is committed to building the world's best network connections", Guo Ping, Huawei's Rotating Chairman, said in the release of the company's annual report.

And it concluded: "Overall, the oversight board can only provide limited assurance that all risks to United Kingdom national security from Huawei's involvement in the UK's critical networks can be sufficiently mitigated long-term".

Oversight body the Huawei Cyber Security Evaluation Centre (HCSEC), which includes officials from GCHQ's National Cyber Security Centre (NCSC), said that the Chinese telecommunications giant had made "no material progress" to address problems raised in its report previous year. Taking a softer approach to Huawei could put the country at odds with some of its closest security counterparts, including in the so-called Five Eyes network, the pan-national intelligence sharing network which comprises the US, Canada, Australia, New Zealand and the UK.

"Security concerns are having an impact on Huawei, as more and more countries place restrictions on the firm's network gear", said Brock Silvers, managing director of Kaiyuan Capital.

The Huawei logo pictured inside the Ox Horn campus at Songshan Lake in Dongguan, Guangdong province, China, March 25, 2019.

Huawei has vowed to never allow security "backdoors" in its products which could be used for espionage or sabotage, and insists Washington has never produced evidence substantiating claims of security risks.

The report noted that Britain's cybersecurity authorities did not believe the defects were a result of "Chinese state interference".

17 die as high-rise office building catches fire
Heavy smoke deterred efforts by responders to get close to them, but Hasan said he watched at least a dozen people get rescued. Three hospitals reported that six men and women had died or arrived with fatal injuries after jumping from the office block.

The latest annual report from the clumsily titled Huawei Cyber Security Evaluation Centre Oversight Board makes for alarming reading.

Thursday's report "details some concerns about Huawei's software engineering capabilities", the Huawei spokesman added.

"We understand these concerns and take them very seriously", Huawei said in response to the report, adding that the identified issues "provide vital input for the ongoing transformation of our software engineering capabilities".

The oversight report is separate from a government review of security to the 5G network that is expected later in the spring. The board provides security evaluations for a range of related products. There are inherent "defects in Huawei's software engineering and cyber security processes", according to one of the findings.

Yes, Huawei is subject to a unique level of scrutiny, which has exposed a level of software vulnerability that might also be found in competing products.

Combined with the challenges of integrating old software written for the VxWorks RTOS (which has a single user, single memory space architecture) over to a Linux-based OS, this all poses significant long-term risks for network operators, the board found. It pledged a year ago to spend more than $2 billion addressing problems previously identified by the board. Huawei is reporting a 28% increase of net profits at $8.8 billion for 2018 versus only a 0.4% increase in 2017 over 2016s profits.

Nevertheless, some European countries are in negotiations with Huawei to deploy its advanced technology to power the faster wireless networks of the future.

Like this: