All eyes on Huawei deal
Britain has chosen to go with Chinese 5G technology, leading to a dramatic rift with its Five Eyes allies, report Matthew Field and James Cook.
The future of Britain’s telecommunications networks is engulfed in a political firestorm amid revelations that Huawei, the Chinese company embroiled in complaints over alleged espionage and sanctions violations, will be allowed to participate in the rollout of the UK’s 5G network.
This fifth generation of wireless technology has become an incendiary geopolitical topic. 5G will herald download speeds 100 times faster than today’s by operating on more frequencies than 4G technology.
The most obvious benefit to people will be faster, more reliable connections on their smartphones and other mobile devices, with the network technology also expected to improve services in other areas, enabling everything from selfdriving cars to remote surgery.
But concerns about the security of this technology have revealed a dramatic rift between the UK and its allies in the Five Eyes intelligence union that also includes the United States,
Australia, Canada and New Zealand.
According to reports, Britain’s National Security Council, chaired by Prime Minister Theresa May, decided last week to allow Huawei limited access to the 5G infrastructure. The council was first to see the results of a sixmonth supply chain report into Britain’s telecoms infrastructure, which called for closer oversight of the network and barring Huawei from its more sensitive parts.
By giving Huawei access only to ‘‘non-core’’ functions, such as antennas and other ‘‘dumb’’ equipment – essentially the pipes that connect the network – Britain’s intelligence agencies believe they can limit the risk to national security, while staying in the running to develop this new 5G network technology.
But May’s decision on 5G security is likely to trigger an angry response from the US, which has been lobbying allies to ban the Chinese telecoms company from their networks completely. The US claims that the Chinese Communist Party could use Huawei as a tool to spy on foreign nations.
Huawei has repeatedly denied the allegations, and said it ‘‘welcomed reports’’ of Britain’s decision. However, Bob Seely, Conservative MP and member of the British Parliament’s foreign affairs committee, said it was a ‘‘bad and short-sighted decision which fails to heed the warnings of the US and Australian experience’’.
Tom Tugendhat, the committee chairman, told the BBC: ‘‘It still raises concerns. The definition of core and noncore is a difficult one with 5G.’’
However, at CyberUK, the flagship conference of the National Cyber Security Centre (NCSC) in Glasgow, senior spies hit back at the idea that the UK would be less secure with Huawei’s involvement.
Jeremy Fleming, director of the Government Communications Headquarters (GCHQ) , of which the cyber security centre is part, said: ‘‘The NCSC’s role has been to offer expert, objective, technologically literate input into the security considerations around 5G.’’
While he did not name Huawei, he alluded to the debate over its links to China. ‘‘The ‘flag of origin’ of 5G equipment is important, but it’s a secondary factor. The UK is looking at the right policy approach.’’
GCHQ and the NCSC have said that the risk from Huawei can be managed.
The US, on the other hand, has repeatedly said that any involvement from Huawei poses
too great a risk to national cyber security – and risks the security of the US if its allies choose to allow Huawei any role.
‘‘It is something the Americans and the Australians are making a great deal of,’’ says Alan Woodward, a former GCHQ consultant and professor of computer science at the University of Surrey. ‘‘They are taking a zero-risk approach.’’
So what kind of role would Huawei have with the UK’s ‘‘limited’’ approach?
NCSC technical director Ian Levy stressed in a blog post in February that keeping riskier suppliers out of the most sensitive parts of the core systems would help manage espionage concerns. ‘‘There are no absolutes in cyber security, and there’s no such thing as a 100 per cent secure system.’’
The core ‘‘control plane’’ of the network, the bit from which the UK is expected to block Huawei, handles the routing of traffic on the network and consists of the most private communications, including data on everything from phone numbers to security keys and location data.
The ‘‘non-core’’ part is the piping – antennas, masts and dumb boxes that funnel this data. However, security experts are divided on whether 5G will make this distinction harder to judge.
With 5G, there will be thousands more points of connection, so everything from smartphones to driverless cars to hospitals and power stations can link up to faster 5G signals a short distance away, rather than sending their data to central network hubs. Some of these points will be in vulnerable places, such as on lamp-posts or streets. More data will be transferred and processed at these ‘‘edge’’ points.
While the US believes the risk is too great, Britain has, for the past 15 years, developed a series of checks and balances it believes manage risks from the Chinese state and Huawei.
‘‘What I see playing out here is a discussion among all of us about the realities of where do you define sensitive networks, where does that start and end,’’ says Rob Joyce, a senior official from the US National Security Agency.
The UK set up a special Huawei Cyber Security Evaluation Centre, manned by vetted Huawei employees and overseen by a board made up of the most senior NCSC officials. It lets Britain monitor Huawei’s source code and its network kit.
Despite these long-term ties, relations with Huawei have been strained in recent months. A report from the NCSC’s oversight board in March warned of ‘‘significant issues’’ with Huawei’s current equipment.
And Huawei has seen its reputation damaged by controversies over its corporate conduct. Joyce told attendees in Glasgow that the US ‘‘won’t have technology from countries who pose a threat to us, whether it’s China and Huawei or others’’.
Some British cyber security experts argue that the attack on Huawei’s technology from the US is driven by a political fear, rather than any knowledge that the equipment contains ‘‘back doors’’ that can be exploited by China’s intelligence services.
‘‘It is reasonable to ask . . . whether foreign intelligence services or their agents have had access to add a back door,’’ says David Palmer, chief technology officer at cyber security startup Darktrace. However, he adds: ‘‘The root of the difference in policy on Huawei between the UK and US is almost certainly political.’’ – Telegraph Group