UK experts criticise Huawei progress on addressing security issues Huawei
UK officials have said Huawei is not doing enough to ease concerns about its software engineering and cybersecurity practices despite assurances from the company that it would resolve them.
The Huawei Cyber Security Evaluation Centre (HCSEC) was established in 2010 to mitigate any potential threats posed by the company’s equipment, with an oversight board (OB) formed four years later.
Although the Chinese network equipment manufacturer has been banned from the UK’s rollout of 5G, mobile operators are allowed to use its gear for the next seven years. Broadband providers are also customers.
Huawei UK
The board’s annual report, which covers the period between January and December 2020, noted that Huawei had made some efforts to address issues raised previously, but newly-identified problems had offset these improvements
“Sustained progress has been made during 2020 on remediating the point issues found in previous reports,” said the report. “That includes considerable progress on the rectification of boards containing an old and out-of-mainstream-support component, and progress on binary equivalence, fixed access issue, and vulnerability management in line with expectations.
“Nonetheless, cognisant of the impact of COVID-19, the work of HCSEC continues to uncover issues that indicate there has been no overall improvement over the course of 2020 to meet the product software engineering and cyber security quality expected by the NCSC.”
Huawei has continued to maintain that its participation in the programme is evidence of its policy of openness and transparency and that it is the only vendor that makes the findings of its evaluations public. Indeed, it actually provides funding for the HCSEC.
“The report concludes Huawei has made ‘sustained progress’ in addressing issues highlighted in previous reports and has made ‘considerable progress’ in third-party component support, which in the context of the global pandemic, the report describes as ‘remarkable’,” said a Huawei spokesperson told TechRadar Pro.
“Rapidly evolving technologies present all innovators with security challenges and Huawei, as the only vendor to operate under a transparency centre (HCSEC), always strives to achieve the highest standards to keep our customers safe.”
UK officials have said Huawei is not doing enough to ease concerns about its software engineering and cybersecurity practices despite assurances from the company that it would resolve them. The Huawei Cyber Security Evaluation Centre (HCSEC) was established in 2010 to mitigate any potential threats posed by the company’s equipment,…
