The 2018 annual report of the Huawei Cyber Security Evaluation Centre (HCSEC) said that: "Technical issues have been identified in Huawei’s engineering processes, leading to new risks in the UK telecommunications networks..."
It also said that "Due to areas of concern exposed through the proper functioning of the mitigation strategy and associated oversight mechanisms, the Oversight Board can provide only limited assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks have been sufficiently mitigated. We are advising the National Security Adviser on this basis."
Norman Lamb MP, chair of the House of Commons Science and Technology Committee, asked Huawei Technologies a number of questions, including what assurances it could demonstrate that its products and services pose no threat to UK national security, and how it responds to the actions that have been made by some countries to restrict foreign involvement in communications networks.
Ryan Ding, president of Huawei Technologies’ carrier business group, responded, writing that “the governments in some countries have labelled Huawei as a security threat, but they have never substantiated these allegations with solid evidence”.
He wrote that Huawei will initially invest $2 billion over the next five years to comprehensively improve our software engineering capabilities.
"Modern Communication networks are complex systems that keep evolving in new and innovative ways. Enhancing our software engineering capabilities is like replacing components on a high-speed train in motion. It is a complicated and involved process, and will take at least three to five years to see tangible results. We hope the UK Government can understand this," Ding added.
Ding wrote that “all major telecom equipment vendors have R&D and manufacturing centres in China” and that the “[Chinese] Ministry of Foreign Affairs has clarified that no Chinese law obliges any company to install backdoors. In addition, the relevant provisions of China’s National Intelligence Law do not appear to have extraterritorial effect over Chinese Companies’ overseas subsidiaries and employees, such as Huawei UK.”
He also wrote that “we would like to reiterate that Huawei has never received any such requests, and in the event that we did receive this type of request, we would categorically refuse to comply with it”.
Ding’s response included a veiled dig at Ericsson, given that glitches in the latter’s equipment were responsible for recent network outages in the UK and Japan. “[These] were not caused by Huawei products, which is a testament to the security and reliability of our products on live networks,” he wrote.
Reuters has reported that German Chancellor Angela Merkel said Germany will need guarantees that Huawei will not hand over data to the Chinese government before it will be allowed to participate in building German 5G networks and that the German government is in the process of deciding what stance to take on Huawei. The newswire also recently reported that a US State Department official had said US officials will warn the country’s allies that Huawei poses a national security risk, while arguing that China’s one-party state means that both Huawei and ZTE “are simply not equipped to resist directions from Beijing”.
