Huawei 5G equipment has ‘underlying defects,’ could be vulnerable to cyberattacks: report

Britain's Huawei Cyber Security Evaluation Centre Oversight Board concluded the company's equipment poses a "significant" risk to operators

A British review of Huawei’s 5G networking equipment concluded that it poses “significant” security issues, noting that “underlying defects” could make the software easy for attackers to exploit.

The Huawei Cyber Security Evaluation Centre Oversight Board conducted the evaluation. It released the report on March 28th.

The report doesn’t call for an outright ban, but says that the defects are concerning and create “significantly increased risk to U.K. operators.”

The board was established in 2010 and is used to monitor Huawei’s security risks.

The results of the review give more weight to the U.S.’s warnings. The country’s government has argued that its allies should not work with the Shenzhen-based telecommunications giant.

In a statement, Huawei said it was taking the report “very seriously.”

“The issues identified in the [oversight board] report provide vital input for the ongoing transformation of our software engineering capabilities,” Huawei said.

The U.K. government disapproved Huawei for not following through on addressing security concerns that were raised in previous assessments.

In Canada, the federal government is still undertaking a review of 5G and of whether it’s safe to allow Huawei to provide equipment to telecom operators in order to deploy the next mobile network iteration.

During a roundtable, Huawei chairperson Eric Xu said the company’s equipment follows standards set out by the 3rd Generation Partnership Project (3GPP). He added that Huawei is currently researching ways to make its equipment interoperable with equipment built by other vendors.

Interoperability means equipment from different vendors can be used together in order to deploy spectrum. Using equipment from different vendors helps protect an operator from cybersecurity attacks since the entire network isn’t vulnerable to a single exploit.

Source: CNBC