LONDON (Reuters) – Britain’s public punished China’s Huawei Technologies for the not solve long-term security flaws in its mobile network equipment, and revealed new “major technical problems,” the increasing pressure on the company as it battles Western allegations that Beijing could use its equipment for spying.
The Huawei logo is pictured outside the Huawei’s factory campus in Dongguan, Guangdong province, China March 25, 2019. Photo taken on March 25, 2019. REUTERS/Tyrone Siu
In a report, published on Thursday, the government-led board that oversees the research of Huawei gear in Britain, said continued problems with the company’s software development had been “significantly increased risk for the UK operators.”
The board of directors, including officials from the british GCHQ communications intelligence agency said in the report that the company had made “no tangible progress” in addressing security issues and had no confidence in the Huawei’s capacity to deliver on the proposed measures to tackle the “underlying defects.”
The unusually direct criticism is a new blow to the world’s largest maker of mobile network equipment, which is under intensive monitoring in the past few months.
Officials in the United States and beyond, a still larger public in voicing concerns that Huawei equipment could be used by Beijing for espionage or sabotage, especially the operators, to the next generation of mobile networks, known as 5G.
Shenzhen-based Huawei said in a statement it took the council of supervision’s concerns “very seriously” and that the problems that are described in the report “constitute an important input for the continual transformation of our software engineering capabilities”.
Huawei promised last year to spend more than $2 billion as part of the efforts to problems, previously identified by great Britain, but has also warned it could take up to five years to see results.
The british security officials earlier said they believed the possible risks of the Huawei could be managed.
In the report, the government-led council, said: “These findings are about the basic engineering competence and cyber security hygiene that give rise to vulnerabilities that can be exploited by a number of parties.”
“The NCSC (National Cyber Security Center) does not believe that the observed defects are the result of government intervention,” it added.
The work of the supervisory board and its findings informed future government policy on network security, officials say, but the final decision rests with the ministers.
British officials now need to see evidence of a significant change, the report said, adding that Huawei had failed to follow through on safety commitments as far back as in 2012.
“The evidence of sustainable change is especially important if a similar strongly worded obligations of Huawei in the past have not brought about any noticeable improvements,” he said.
The 40-plus-page report identified several new technical problems with the Huawei equipment and it appeared that the problems were on a larger scale than previously publicly acknowledged.
These include with respect to a product with the name eNodeB, which provides a connection between the network and the user of the mobile phone.
According to the report of the board of trustees looked at the updated versions of software that aims to incorporate security improvements, but found “the general software engineering and cyber security quality of the product continues to demonstrate that there are a significant number of major defects.”
The report also said that the lab had reported to the BRITISH operators “a few hundred vulnerabilities and problems” in 2018.
The council added that in general, the problems reveal “serious and systematic deviations in the Huawei’s software engineering and cyber security competence”.
And, as a result, the board of directors may still only provide a limited warranty that the security risks of Huawei equipment can be managed long term.
It added: “The supervisory board advises that it will be difficult to adequate risk management products in the future in the context of the UK deployments, until the underlying defects in the Huawei’s software engineering and cyber security processes to be restored.”
The board of directors as first revised down, the level of security in its last report, published in July 2018. In addition to the British top officials of the government, the board of directors includes the representatives of the British telecom operators and Huawei executives.
Edited by Edmund Blair