The EU may have advised its member states not to outright ban Huawei from building their 5G network infrastructure, but the UK still believes the Chinese tech giant is a cybersecurity liability.
The Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board, which was set up to evaluate if there are risks involved with working with Huawei on the development of the national 5G infrastructure, slammed the Chinese company for well, essentially lack of competence.
It didn’t find any evidence of espionage, state-backed or otherwise, but it did say that Huawei’s “basic engineering competence and cyber security hygiene,” is poor, which could be exploited further down the line.
“HCSEC has continued to find serious vulnerabilities in the Huawei products examined. Several hundred vulnerabilities and issues were reported to UK operators to inform their risk management and remediation in 2018. Some vulnerabilities identified in previous versions of products continue to exist.”
The conclusion of the report is that if someone knew about these vulnerabilities, and had enough logistic backup to exploit them, they could access user traffic, for example.
The report did also say that UK operators’ security management makes this job harder to achieve.
It’s been months now since the US first started warning everyone not to do business with Huawei. Its congressmen said there was a realistic chance of Huawei working with the Chinese government, willingly or not, allowing it to spy on its Western adversaries.
Huawei has denied the accusations on multiple occasions, saying there is no proof and even inviting EU oversight. Still, many countries in the West, including the UK, Italy, Germany and others, are approaching Huawei with extra care.
Image Credit: Shutterstock