The UK government is allowing Huawei to take part in its 5G network rollout.
After lengthy reviews into the state of the UK telecoms supply chain and risks associated with allowing risky vendors like Huawei to be involved in national networks, the UK government decided to give Huawei a limited role in its 5G rollout.
UK Foreign Secretary, Dominic Raab, made a statement in parliament on Wednesday saying that the government’s position “marks a major change” in the UK’s approach to high risk network vendors.
“When taken together with the tough new security standards that will apply to operators, this approach will substantially improve the security and the resilience of the UK’s telecoms networks, which are a critical part of our national infrastructure,” Raab said.
“It reflects the maturity of the UK’s market and our world-leading cyber security expertise, and it follows a rigorous and evidenced-based review. It is the right decision for the UK’s specific circumstances.”
Huawei was expectedly delighted with the UK' decision.
Vice-president of Huawei, Victor Zhang, said in a statement that “a diverse vendor market and fair competition are essential for network reliability and innovation”.
Huawei Statement Regarding UK 5G Decision from Victor Zhang, Vice-President: "Huawei is reassured by the UK government’s confirmation that we can continue working with our customers to keep the 5G roll-out on track." pic.twitter.com/sKLT9wQEJl— HuaweiUK (@HuaweiUK) January 28, 2020
Australia and the US – part of the Five Eyes security alliance along with the UK, New Zealand, and Canada – have repeatedly warned of security risks associated with including Huawei products in infrastructure projects.
Trump started a veritable trade war with China after outright banning the sale of Huawei products in the US in May last year in the name of national security.
The UK government, however, is certain that it can appropriately mitigate the Huawei security risks and Boris Johnson was given the all-clear from the White House, according to the Guardian which cited sources saying that the relationship between the US and UK was too valuable to risk over Huawei.
“We have looked at the issue of how to maintain network security and resilience over many months and in great technical detail,” UK Foreign Secretary, Dominic Raab said.
“We would never take decisions that threaten our national security or the security of our Five Eyes partners.”
But that didn’t stop Republican Senator, Mitt Romney from condemning the UK government’s choice to let Huawei in, saying that “the UK is sacrificing national security and inviting the [Communist Party of China’s] surveillance state in”.
The UK’s decision to incorporate Huawei into its 5G network is a disconcerting sign. By prioritizing costs, the UK is sacrificing national security and inviting the CCP’s surveillance state in. I implore our British allies to reverse their decision.— Senator Mitt Romney (@SenatorRomney) January 28, 2020
Just don’t let Huawei near the important stuff
The UK’s review into ‘high risk vendors’ determined that the likes of Huawei could be allowed to future network infrastructure as long the vendors are:
- Excluded from safety related and safety critical networks in infrastructure
- Excluded from security critical network functions
- Limited to a maximum of 35 per cent of other network functions
But Tory MP Tom Tugendhat has his misgivings, saying he was concerned about the definition of ‘critical network functions’ and that IoT will only further muddy the waters of what can be defined as a ‘critical network function’.
2. How do we define ‘critical network functions’ and ‘Critical National Infrastructure’ when 5G will enable connected devices? Others have found it near impossible to make the distinction. That will only get harder as we learn the full capability of the ‘internet of things’. 3/8— Tom Tugendhat (@TomTugendhat) January 28, 2020
Technical director of the UK National Cyber Security Centre (NCSC), Ian Levy, disputed claims like Tugendhat’s, saying that there is still a definite distinction between ‘core’ and ‘edge’ functions in a national 5G network.
“In 5G they are spread out a bit more, but sensitive functions are still sensitive functions and you can put your arms round them,” Levy said.
“Remember, in 5G you need lots of smaller basestations as well as big ones, and the small ones will be on lampposts, bus shelters and other places that aren’t secure from physical interference by bad guys.
“So, if your network design means that you need to run really sensitive functions processing really sensitive data (i.e. core functions) on an edge access device on top of a bus stop, your choice of vendor is the least of your worries and you probably shouldn’t be designing critical national infrastructure.”