Huawei's reputation receives another damaging blow from UK security report

Greg S

TS Evangelist

An investigation into Huawei's security on networking products performed by UK officials with ties to GCHQ has revealed a bevy of problems. Known issues have not been fixed, leaving opportunity for third-party surveillance to occur on critical infrastructure.

The Britain-based Huawei Cyber Security Evaluation Centre's annual report declares that no progress has been made to address issues found last year in 2018. There are inherent "defects in Huawei's software engineering and cyber security processes," according to one of the findings. In spite of the latest discoveries, the EU still has not committed to banning Huawei's hardware from 5G networks.

Perhaps the most damning evidence of all is that the oversight committee that assembled the report clearly elicits that long term security is not a guarantee when working with Huawei. The Oversight Board offered a "limited assurance" that Huawei's products will even be able to be secured when looking ahead into the future.

Ironically, Huawei does receive some praise for being good at reverse engineering issues to find their root causes despite having a horrendously unorganized product development process.

In addition to the UK's very poor outlook on Huawei's security practices, the report also reveals just how vulnerable existing networks truly are. Several hundred vulnerabilities were reported in 2018 alone to network operators. Finding more than one security flaw every single day is not very confidence instilling. Although the report is focused on European networks, it is unlikely that any other LTE networks around the world are really that much better.

Permalink to story.

 

Uncle Al

TS Evangelist
This is one prime example of why the government should set aside any and ALL negations with China on this particular technology. Trotting out the President and CEO of Huawei is just lip service and means nothing until and unless they follow up and fix the flaws identified. Restricting their access to US is certainly a prudent step and putting forth a similar motion before the UN would be a good one as well. While that motion can be voted down, it puts the information out there for any country that is paying attention.
 
  • Like
Reactions: Knot Schure

Squid Surprise

TS Evangelist
This is one prime example of why the government should set aside any and ALL negations with China on this particular technology. Trotting out the President and CEO of Huawei is just lip service and means nothing until and unless they follow up and fix the flaws identified. Restricting their access to US is certainly a prudent step and putting forth a similar motion before the UN would be a good one as well. While that motion can be voted down, it puts the information out there for any country that is paying attention.
And you don't think that all of this is fuel for the ongoing negotiations between China and other countries? Once trade agreements have been signed, you'll see how quickly articles like this fade from the public eye...
 
  • Like
Reactions: ForgottenLegion