The UK’s move to give Huawei a limited role in building its 5G network was a landmark decision and one that continues to divide MPs and the British public. But could it be a decision Boris Johnson and the country will come to regret? Can our security be guaranteed by only letting Huawei build the UK’s periphery 5G network?
With the CIA openly accusing Huawei of receiving funds from Chinese state intelligence, many politicians are worried. Conservative MP and chair of the House of Commons Foreign Affairs Committee Tom Tugendhat compared the decision to “nesting a dragon”.
On top of this, the Trump administration has imposed a total ban on Huawei Stateside, while warning its Five Eyes allies, an English-speaking intelligence alliance comprising Australia, Canada, New Zealand, UK and the United States, that access to intelligence might be restricted should they not follow America’s example. Australia did, but the UK decided to choose its own path.
According to Emily Taylor, a 5G expert, removing Huawei from the core of the network might not be enough to guarantee our security. As 5G is a more integrated and intelligent network than either 3G or 4G, what really counts is the quality of the software and the cybersecurity practices adopted by the provider, she explains.
“As far as Huawei is concerned, we know from the Huawei Cyber Security Evaluation Centre 2019 Annual Report that there are ‘serious and systematic defects in its software engineering and cybersecurity competence’. Bugs in software make any system vulnerable to attack,” says Taylor.
A spokesperson for Huawei acknowledged that the 2019 Oversight Board report detailed some concerns about its software engineering capability, adding it takes such concerns seriously and is investing more than $2 billion “to further enhance those capabilities”.
Security issues extend beyond Huawei and 5G
But Taylor, who also heads up Oxford Information Labs, says the issue extends beyond Huawei. She says: “Firstly, in terms of competitors, it’s worth remembering that Huawei openly shows its code to GCHQ [UK government intelligence and security organisation]. Others do not. As there isn’t similar transparency regarding the software and hardware of Huawei’s competitors, it’s impossible to know the overall rate of defects in their computer systems.
“Secondly, with 5G the primary driver behind the internet of things, we’re going to see millions of poorly secured devices connecting to mobile networks. The 5G environment will offer multiple opportunities for bad actors, including states, to cause harm, without necessarily having built the network.”
Banning Huawei and others because they pose a threat to your own tech companies is not the answer
But Huawei disagrees. The company points to a recent National Cyber Security Council (NCSC) blog post which states that UK telecoms networks “are secure, regardless of the vendors used”. However, a spokesperson adds: “The NCSC has said there’s no 100 per cent secure system, but is confident it can manage these risks.”
Try telling that to the Trump administration. Whether the UK’s decision to give Huawei a limited role in its 5G networks will impact on transatlantic security co-operation in the future is unclear. MI5 director general Sir Andrew Parker says it won’t, but Taylor is not so sure.
“What if it isn’t sabre-rattling? Can intelligence services in democracies really choose to ignore the explicit direction of their political masters? That’s what the US administration cannot square and it may do great harm to the Five Eyes partnership,” she says.
To minimise this risk and open up 5G competition, Taylor is in favour of a multi-vendor approach. This is a view also shared by Huawei, which says “a diverse-vendor market is key to secure networks”.
However, there’s the rub. Taylor says that while Huawei’s closest rivals, Nokia, Ericsson, Samsung and Qualcomm, have the required knowledge to add value, they’re more expensive than Huawei.
“This isn’t an issue for Huawei, and others, but it’s a problem for states and mobile operators that would like to see more competition in 5G markets. Indeed, it’s a lack of healthy competition that’s stymying progress both in technology and in geopolitical circles,” she says.
Tech become “a pawn” in techno-nationalism battle
It’s a predicament that Professor Paul Evans, at Canada’s University of British Columbia School of Public Policy and Global Affairs, recognises only too well. He says the Huawei spat transcends technology and has more to do with the US-China trade war. He believes the UK, Canada and others “are not only being dragged into the trade war, but are being asked to pick sides”.
“We’re seeing two of the world’s superpowers rejecting globalisation in favour of techno-nationalism. From the US perspective, techno-nationalism is about protecting America’s dominance in ICT fields and securitising the issue, even if that means banning companies like Huawei from the US market,” says Evans.
He is worried for the future and thinks America is on the wrong path. “Banning Huawei and others because they pose a threat to your own tech companies is not the answer,” says Evans. “It will only serve to reduce US competitiveness and will restrict US penetration in global markets. Indeed, if this were a battle for hearts and minds, it’s a fight the US is losing.”
Will America lose its FAANGs?
The big question, of course, is what effect techno-nationalism will have on America’s tech titans and consumers who use them? Taylor, from Oxford Information Labs, has one principal worry.
“I don’t think the FAANGs [Facebook, Amazon, Apple, Netflix and Google] will be affected,” she says. “It’s more that there could be splits at quite deep levels of the infrastructure which will result in users in the East and West having a different internet experience. To some extent, we’re already seeing this being played out in the world of international technical standards,” she says.
“China is playing a patient strategic game in technical standards organisations, whereas some in the West have been asleep at the switch. That’s perhaps the biggest takeaway.”