The first major report into the Government’s proposed 5G solution has dismissed mitigation strategies relied upon to justify the decision as “no solution at all”. Last night, one of the report’s authors – Conservative MP, Bob Seely – warned that Huawei “risks becoming a cyber-Hydra” and warned the assurances relied upon by the Government were “insufficiently robust to justify the associated risks.”
In a strongly worded foreword to the report, the former Chief of MI6, Sir Richard Dearlove, branded the Government’s strategy a risk “we simply do not need to take”. Dearlove calls on the Government to “reconsider the Huawei decision” and not to “worry about giving offence to China” or “be influenced by the threat of the economic cost”.
Defending our Data: Huawei, 5G and the Five Eyes, is authored by Bob Seely MP, Dr Peter Varnish OBE, a former Government security adviser, and Dr John Hemmings, of the Henry Jackson Society.
The report studies the components the Government proposes to limit Huawei’s involvement to and finds that:
- UK cyber experts could not find Trojan Horses within the hardware even if they searched for them. There are documented cases where governments have searched for such Trojans and still not found them all after two years of searching.
- UK cyber experts would not be able to remove such security flaws using conventional antivirus software, even if they did find them.
- If a third-party introduced such malicious code, Huawei itself would have trouble removing it because its engineering product cycle is not consistent.
The report recommends that the Government ‘blocks’ Huawei from participation in the UK’s 5G network unless any subsidiary can ‘prove a very high degree of insulation’ from the parent company. The report also calls upon the Government to adopt the risk assessment protocols outlined in the Prague Proposals and to bring forward legislation outlined in the 2018 national security white paper from BEIS.
Featuring chapters by American, Australian and Canadian authors including retired General Robert Spalding who considered 5G proposals for the U.S. National Security Council, the report finds that the Government’s definition of risk is to all intents and purposes “so narrowly defined as to be useless” and it is “unclear” what damage the decision could do the five-eyes intelligence-sharing relationship.
Other findings within the report that have been previously reported include that Huawei’s ownership structure leaves its claims to be a private company “highly questionable”. The report also finds that so-called MIMO antennas used in 5G are vulnerable to signal blocking through software updates.
In the Words of Authors:
“This is the first major public report into Huawei. We conclude that there is significant risk in allowing Huawei into our 5G network. We have taken advice and opinions from UK’s expert cyber and security community as well as from experts from the US, Australia, and Canada. Whilst we focus on the UK, this is a global report into a global problem: high tech from authoritarian states.
“The assurances relied on by Government to justify Huawei’s entry into the 5G are, in our considered view, insufficiently robust to justify the associated risks. Our cyber experts are becoming less confident. Sir Richard Dearlove charts the haphazard way that Huawei developed a powerful position in UK comms. He shows that Huawei risks becoming a cyber-Hydra we cannot control. In addition, our cyber experts have raised significant technical issues.
“Dr Hemmings charts the explosive growth of Huawei and its deep relationship with the Chinese state. Our Five Eyes authors from the US, Australia, and Canada show that the UK does not need to make a trade-off between business and security in our relations with China. We can have growing trade whilst minimising our security concerns.
“In our report, we make positive and constructive recommendations as to the way forward. However, our message is clear: Huawei is a risk that we do not need to take.”
Bob Seely MP, Member of the Foreign Affairs Select Committee
This report written by a panel of cyber, telecoms, and China experts lays out compelling evidence that the company is extremely close to China’s security services and military. We also found out that cyber experts, intelligence officials, and telecoms engineers think the UK Government’s risk assessment system is too narrow and based on terrible assumptions. We hope this report will cause the Government to stop this sleepwalking to disaster before it’s too late.
Dr John Hemmings, Director of the Asia Studies Centre
If we make the wrong decision about allowing hostile agencies access to our critical national infrastructure, history will judge us harshly. This authoritative and alarming Report should help us to reach the right conclusion about companies operating under the aegis of the Communist Chinese state.
The Right Honourable Julian Lewis MP, Chair of the Defence Select Committee
We have to hope that the National Security Committee will revisit the decision it seems to have made on permitting Huawei into the periphery of the UK’s future 5G system. When at least four senior ministers (of foreign affairs, defence, home affairs and development) oppose the decision, it is clear that it greatly prejudices our national security and interests. If the decision is revisited, everyone involved should read this report by the Henry Jackson Society. It sets out, with great lucidity, the reasons why allowing Huawei into even the periphery of this vital piece of critical national infrastructure would be a massive mistake. It is clear on the technological reasons and, more importantly perhaps, on the imperative of not putting long term trust in a company so close bound up with the Chinese Communist Party and its long term aims.
Charles Parton, Adviser to the House of Commons Foreign Affairs Committee 2017-9, Senior Associate Fellow at RUSI and author of ‘China -UK relations: where to draw the border between influence and interference’ (RUSI 20 Feb 2019)
“As we analyse the significance of the US decision to add Huawei to the Entities List, we must still consider the UK’s position on whether to allow Huawei involvement in building this country’s 5G network. It seems that the Government is considering the option of allowing Huawei only limited access to 5G in those areas (such as antennae etc) where it is argued that they could only do minimal damage if they sought to abuse their access. The Henry Jackson Society Report indicates that the advice received from independent telecommunications experts is that it would be unwise to make such a distinction as even peripheral access to the system could enable serious damage to be done to UK national security interests.
This is, I believe, the core of the debate. One assumes that the National Security Council is asking the Agencies, especially GCHQ, whether they agree with the advice found in the report and, if not, why not?
Unlike the US and Australia we already have Huawei in the UK and the “Cell” at Banbury has provided considerable reassurance. But the Chinese Intelligence Law does not even try and conceal that Huawei would be under a legal obligation to assist the Chinese Government if requested . If the advice from the Agencies is either hostile to Huawei or unable to reach agreement, the UK must err on the side of caution and reject Huawei involvement. Only if the advice is more relaxed and indicates that a compromise solution would not compromise our security, would it be safe for the UK to accept Huawei’ involvement in 5G.”
Sir Malcolm Rifkind, Foreign Secretary 1995-1997, Chairman of the Intelligence and Security Committee of Parliament, 2010-2015
This report was also endorsed by Hon. Malcolm Turnbull, Former Prime Minister of Australia, in an interview with the Daily Telegraph on 15th May 2019. A version of the article can be found here: https://www.telegraph.co.uk/politics/2019/05/15/theresamay-receives-huawei-warning-former-australian-prime/
It is understood that Huawei has previously denied and continues to deny many of the allegations referred to within the report.