China 'could find easier ways to cyber-attack UK than using 5G', experts say
Fears of China launching a cyber-attack against the UK using Huawei equipment are overstated as Beijing could find easier ways to attack, experts said on Tuesday.
Huawei equipment is already closely monitored so that any hidden functions would be detected, according to experts at the National Cyber Security Centre (NCSC).
Downing Street gave a green light today to the Chinese firm playing a limited role in Britain’s 5G network.
The cyber experts at the NCSC said that the risk of Huawei’s involvement in the 5G network was "manageable".
Stars ‘need a partner’ to set off universe’s brightest explosions
Meet the adorable cat with two different faces
World’s southernmost reef hit by coral bleaching
Binary Earth-sized planets possible around distant stars
The US had warned allies not to allow the Chinese firm to play a part in their 5G networks, arguing that it presents a security risk due to its close links to the Beijing government.
Huawei's activities in the UK have been overseen by arrangements including the Huawei Cyber Security Evaluation Centre (HCSEC) - nicknamed the Cell.
The NCSC said: "Due to the UK's mitigation strategy, which includes HCSEC as an essential component, our assessment is that the risk of trojan functionality in Huawei equipment remains manageable.
"Placing 'backdoors' in any Huawei equipment supplied into the UK is not the lowest risk, easiest to perform or most effective means for the Chinese state to perform a major cyber attack on UK telecoms networks today."
The NCSC did raise concerns about any single supplier of equipment being allowed to play a dominant role in the network.
The guidance issued by NCSC excludes "high-risk vendors" such as Huawei from "core" parts of the network, and sensitive locations including nuclear sites and military bases.
They will also be limited to a minority presence of no more than 35% in the periphery of the network, known as the access network, elements which connect devices and equipment to mobile phone masts.
The NCSC stressed that it was "important to avoid the situation in which the UK becomes nationally dependent on a particular supplier".
It added: "Without government intervention, the NCSC considers there to be a realistic likelihood that due to commercial factors, the UK would become 'nationally dependent' on Huawei within three years."
National dependence on a high-risk vendor would present a "significant national security risk", the NCSC said.
Ciaran Martin, chief executive of the NCSC, said: "This package will ensure that the UK has a very strong, practical and technically sound framework for digital security in the years ahead.
"The National Cyber Security Centre has issued advice to telecoms network operators to help with the industry roll-out of 5G and full-fibre networks in line with the Government's objectives.
"High-risk vendors have never been, and never will be, in our most sensitive networks.
"Taken together these measures add up to a very strong framework for digital security."