How great a threat does Huawei really pose to the UK’s cybersecurity? Cyber Espionage Regulation, Laws, Guidance

How great a threat does Huawei really pose to the UK’s cybersecurity?

With the announcement that Huawei equipment is to be removed from the UK’s 5G networks by 2027, questions have been raised over just how much of a threat the Chinese telecoms behemoth poses to the integrity of the nation’s cybersecurity.

The news of a ban signifies a U-turn by Boris Johnson and his government which said in January that Huawei would be allowed to play a “limited role” in the UK’s 5G infrastructure.

Oliver Dowden, the UK culture secretary, said that no new Huawei 5G equipment can be bought after 31 December this year, but older 2G, 3G, and 4G can stay in place until it is no longer needed.

In a statement, a spokesperson for Huawei UK said that this “disappointing decision is bad news for anyone in the UK with a mobile phone. It threatens to move Britain into the digital slow lane, push up bills and deepen the digital divide. Instead of ‘levelling up’ the government is levelling down and we urge them to reconsider. We remain confident that the new US restrictions would not have affected the resilience or security of the products we supply to the UK.”

“Regrettably our future in the UK has become politicised, this is about US trade policy and not security. Over the past 20 years, Huawei has focused on building a better connected UK. As a responsible business, we will continue to support our customers as we have always done,” the spokesperson said.

Of late, there have been many attempts to exclude the company from Western nations, in response the Chinese ambassador to the UK, Liu Xiaoming, warned that any ban would damage trust in the UK and its reputation as “a business-friendly, open, transparent environment”.

What threats?

At present, most of the alleged threats to security appear to be based on supposition and hearsay. 

Ex-Google CEO Eric Schmidt told the BBC that there was “no question that Huawei has engaged in some practices that are not acceptable in national security”. He added that there is “no question that information from Huawei routers has ultimately ended up in hands that would appear to be the state”. Huawei has routinely denied such accusations that it is part of the Chinese state.

In an exclusive interview with SC Media UK, Vince Warrington, CEO of Protective Intelligence and Dark Intelligence, said that the threat is “in no way overstated”.

“What many in the West fail to realise is the symbiosis between the Chinese government and large Chinese companies. In the West, we're used to having politics separate from business to a very large degree, but that's not the case in China,” he said.

Warrington added that while Huawei probably wouldn't consider itself to be state-owned, it will have a 'political department' within the company that makes sure it is aligned to Party values – this, he said, is “normal practice in China, and makes it impossible to separate the company from the Party”. 

“[CISO's] need to bear in mind that it's businesses, not government agencies, that are exposed to the most sophisticated Chinese hacking techniques – such as using the darknet to mask their activities – and they're also less well prepared to defend,” he said.

Mike O'Malley, vice president of Carrier Strategy and Business Development for Radware, told SC Media that despite Huawei’s executives making multiple statements saying there are no back doors to their equipment, concerns continue to abound. 

“Two Chinese laws – the 2017 National Intelligence Law and the 2014 Counter-Espionage Law – remain very problematic for Huawei. Some of the most troubling language is content such as Article 22 which states: ‘When the state security organ investigates and understands the situation of espionage and collects relevant evidence, the relevant organisations and individuals shall provide it truthfully and may not refuse’,” he said.

“Legal experts have interpreted this as a legal basis upon which the Chinese government could compel any Chinese company including Huawei to share any and all customer data from equipment deployed both inside China and throughout the rest of the world,” O’Malley added.

What’s next?

With a ban in the offing, Lord Browne has announced he will step down as UK chairman in two months’ time; he had been due to leave the company next March.  

BT has warned that it would be extremely difficult to remove Huawei equipment in the next ten years. BT’s CEO Philip Jensen told BBC Radio 4’s Today programme that if the company was “not able to buy or transact with Huawei that would mean you wouldn’t be able to get software upgrades”, meaning that security could be put at risk.

Regardless of whether the allegations surrounding Huawei are true, the ban will have a chilling effect on the economic and political relations between the UK and China and could put the UK years behind its 5G rollout schedule.

share