Country of origin is ‘unrelated’ to cybersecurity: Huawei

2 min read

 

A staff member stands at the front desk of Huawei’s Cyber Security Lab on July 29, 2019, in Dongguan, Guangzhou. (Image credit: TechNode/Shi Jiayi)

Embattled Chinese telecommunications equipment maker Huawei released a position paper on cybersecurity last week, arguing that security assessments of 5G network suppliers should focus on the products, not the country of origin.

Why it matters: While few of the points expressed in the document are new, the release of the position paper comes as the UK and Germany near deadlines on deciding whether Huawei should be allowed into their 5G network infrastructure.

  • The paper also countered a viewpoint brought by a European Union report released last month in which it said “hostile third countries” may force 5G suppliers to facilitate cyberattacks serving their own national interests.

Details: System failure and human error constitute the greatest risk, and political suspicions have done nothing to solve the issues of cybersecurity, Huawei said in the paper dated November 2019.

  • The company suggests that potential risks inherent in any given product should be evaluated based on factors that have a material effect on security, such as its security architecture and features, rather than focusing on “unrelated factors,” such as country of origin.
  • The company also calls all stakeholders to evaluate cybersecurity risks in a “more rational, objective, and evidence-based way,” arguing that all 5G equipment suppliers and components should be assessed using the same standard.
  • The company reaffirmed that it is a private company wholly owned by its employees and “no government or any third party holds shares in our company, intervenes in our operations.”
  • There is no Chinese law authorizing state intelligence agencies require that a telecom equipment maker aid them in collecting intelligence information, implanting backdoors, or damaging customer networks, said the company, citing independent, unnamed legal professors and law firm.

“Today, cybersecurity is increasingly intertwined with political suspicions and trade barriers and falling trust between nations… Frequently, cybersecurity is used simply as an excuse to erect trade barriers, and this has further obscured the real issues.”

—Huawei

Context: The UK and Germany are on the verge of making their decisions on whether to allow Huawei to participate in their 5G network rollouts. Governments in both countries have indicated that the cybersecurity issue is a major concern.

  • The UK government will make the decision following general elections on Dec. 12, according to a report by the Guardian citing the country’s culture secretary.
  • Germany authorities drafted a set of security guidelines last month, asking 5G supplier candidates to submit a document self-declaring their trustworthiness. Meanwhile top German government officials, including its defense minister and intelligence chief, have stated that Huawei cannot be trusted and that its equipment should be excluded from the country’s 5G network.

EU report warns of 5G threat from ‘hostile’ states