The UK’s cybersecurity watchdog has criticised Chinese firm Huawei for failing to fix software and security flaws in its mobile network technology, citing “significant technical issues” that need to be addressed.

The Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board, chaired by Ciaran Martin, chief executive of the National Cyber Security Centre, released its latest assessment of risk associated with use of Huawei’s equipment, raising concerns about “basic engineering competence and cyber security hygiene”.

However, despite its conclusion that problems with the company’s software development “significantly increased risk to UK operators”, the report’s authors stressed that the NCSC did not “believe that the defects identified are a result of Chinese state interference”.

It comes amid an ongoing battle with the US government over concerns that security backdoors in 5G network equipment could enable intelligence gathering by the Chinese government – a claim vigorously disputed by Huawei and Beijing.

The report found that the “significant technical issues identified” were not related to state interference, but said that the flaws “give rise to vulnerabilities that are capable of being exploited by a range of actors”.

The Oversight Board said that “no material progress” had been made to address basic software and cyber security concerns since last year’s report, and that as a result, it was able to offer “only limited assurance that the long-term security risks can be managed in the Huawei equipment currently deployed in the UK”.

Huawei did not immediately reply to a request for comment.

An NCSC spokesperson said: “Huawei’s presence in the UK is subject to detailed, formal oversight. We can and have been managing the security risk and have set out the improvements we expect the company to make.

“We will not compromise on the progress we need to see: sustained evidence of better software engineering and cyber security, verified by HCSEC.”

They NCSC spokesman added that the report highlighted a need for improved cyber security in the UK’s telecommunications networks, which will be addressed in a wide-ranging review being carried out by Jeremy Wright, the digital secretary.

Responding to the report, Norman Lamb, chair of the Commons Science and Technology Committee, said: “Today’s concerning report reveals an unacceptably slow response from Huawei in the face of important criticism of the company’s approach to cyber security.

“These concerns make the government’s review of telecommunications suppliers all the more important, and urgent” he said, and called for the full report to be published “as soon as possible”.

Share Story: