Are Chinese tech firms a threat to western security?

Cyber Attack

The future promised us by technology companies is one of smart cities wherein autonomous vehicles will negotiate with each other to find congestion-free routes; where public services such as health and energy provision will be managed efficiently through data; and where even our homes will be run by smart devices.

Whether you think this represents utopia or dystopia, in order to work, it all relies on the smooth, fast exchange of data. For the next generation of Internet of Things devices, that’s going to mean 5G because of its greater speed.

But what about the technology that makes 5G work? Right now much of it comes from Chinese companies and that has raised fears surrounding security and whether it could be used to spy on or hack western companies and governments.

Infrastructure concerns

There are already major concerns surrounding infrastructure supply, in particular communications and power grids. In the US, the government has banned the use of Huawei equipment in 5G networks and there are now calls for the company to be barred from having its kit involved in electricity distribution too. [1]

Australia and New Zealand have also been wary about including Huawei equipment in their 5G rollouts. The UK has, thus far, taken a more measured approach. The National Cyber Security Centre, part of GCHQ, has carried out testing on Huawei’s kit and found that there are some problems with its security and engineering. However, NCSC believes that the risks can be managed. [2]

Ultimately however, the decision as to whether Huawei will be allowed to be part of the UK’s 5G infrastructure is down to the Government, which is expected to release the results of its telecoms infrastructure review this spring.

The UK has a strong track record in security and its decision on whether or not to allow the use of Huawei’s 5G equipment is likely to have a major influence on other western governments. The results of the review are therefore awaited with interest.

Cost versus security

At the start of the 21st century, when BT was working to upgrade its networks, Huawei was by far the cheapest bidder for much of the equipment. Although it was excluded from the core network and some sensitive systems, a committee was set up to evaluate the security of Huawei products in the UK.[3]

The concern is how close the firm is to the Chinese state. There are worries that it may build in ‘backdoor’ access to its equipment that could prove difficult to detect. The company has always denied any such involvement with the Chinese government.As we move towards 5G, Huawei is still set to be the cheapest equipment supplier. Telecoms operators feel that because the network will be closely integrated with 4G, excluding the Chinese supplier would lead to extra cost and significant delay in rolling out the project.

There’s also a political and diplomatic angle; cutting Huawei out of 5G contracts could have an impact on UK/China relations at a time when the UK is looking for Chinese investment in other new projects. Conversely, there are concerns as to how the US administration would react if Britain didn’t follow its lead on excluding Huawei, especially with post-Brexit trade deals in the balance.

Some see Chinese involvement in infrastructure as essential to the economy. Security professionals are concerned about the risk, although are divided as to how severe it might be. Ultimately, the decision will come down to a balance between cost and security with a bit of international politics thrown into the mix.

[1] https://betanews.com/2019/02/26/huawei-us-power-grid/
[2] https://www.theguardian.com/technology/2019/feb/17/uk-security-chiefs-huawei-risk-in-5g-can-be-contained
[3] https://www.bbc.co.uk/news/uk-22803510