Senior MP tells UK Defence Committee on 5G security: Russia could become China's cyber-attack dog

One has the vulns, the other has the brass neck to pull off heists. Right?

Russia might begin carrying out cyber attacks against Britain's 5G networks "at the behest of China", the chairman of a Parliamentary Select Committee has ventured.

The startling prediction came from Tobias Ellwood MP, chairman of the Defence Committee, as he presided over a hearing on 5G security and Huawei's involvement.

"I predict that Russia and China, over the next decade, are going to become closer and closer," Ellwood told his committee. "To put it in cruder terms, Russia is going to become more subservient to China." He added: "If Russia understands the weaknesses, the vulnerabilities or the back doors that China provides, it can be Russia continuing to do those cyber attacks at the behest of China."

Giving evidence to the committee were tech venture capitalist Andre Pienaar and Emily Taylor of cyberintel firm Oxford Information Labs. MPs were asking to what extent Huawei's involvement in 5G networks poses a threat to British national security.

Taylor also punched a hole through Huawei's continual denials that its commercial objectives are linked with the Chinese state's objectives, saying: "Mexico was offered a very generous loan on 1 per cent interest, on the condition that 80 per cent of it was spent with Huawei. So we see that technology build-out is very much forming part of the Belt and Road strategy – a patient, sustained strategy that has been conducted over decades."

Pienaar linked Huawei's commercial success to what he described as $75bn of "state aid" from China, apparently citing a Wall Street Journal investigation from December last year. In response to a question from Conservative MP Alicia Kearns, who was a "guest member" of the panel from the Foreign Affairs Committee, Pienaar said: "It is calculated that the Chinese government have financed the growth of Huawei with some $75bn over the past three years to enable it to achieve the kind of market dominance it currently has in telecommunications equipment."

Kearns had asked whether it was important to shut the Chinese comms giant out of the core of the UK's 5G networks. In his answer, Pienaar referenced the 2019 Huawei Cyber Security Evaluation Centre (HCSEC) report, which laid bare Huawei's pisspoor software development practices.

Speculating about why Huawei "are so shoddy in their cybersecurity engineering", he wondered aloud whether Huawei "just do not care about it and it is not important to them", perhaps unfairly adding: "That might be related to the price point at which they sell their product."

Taylor sounded a note of caution over Pienaar's description of Huawei as deliberately deceptive, remarking: "I would not run away with the idea that those faults are deliberately placed in it."

She continued:

Do not forget that Huawei is also providing equipment in other markets, such as China. In cybersecurity, the worst example is when you create a vulnerability and then it is used against you. A vulnerability can be used against anybody who is using the equipment, including the home team, if you like.

Huawei embarked on a short-lived charm offensive after last year's HCSEC report, emphasising how much it spent on cybersecurity.

Overall the committee, not normally known for its ability to uncover original insights, was left with the impression that Huawei is a risk not only to security – as the government has already concluded – but to Britain's relations with key allies America and Australia. Even though Taylor pointed out that it is far easier for Australia and the US to insist on a no-Huawei policy because they have had de facto bans since the early 2010s, this didn't seem to gain much attention.

Although there are targets to cap Huawei's involvement in UK 5G networks at 35 per cent of access layer equipment, there have been murmurings from current Defence Secretary Ben Wallace that this ought to be a much lower target. ®


At one point Ellwood chipped in to describe 5G network topology as composed of four parts, in his understanding: transition networks ("the pipes, if you like"); the core ("which they call the brains, so the encryption, the payments, the tariff and so forth"); the access network ("masts"); and the "management system, which is business support". ®

Similar topics

Narrower topics

Other stories you might like

  • Cheers ransomware hits VMware ESXi systems
    Now we can say extortionware has jumped the shark

    Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.

    ESXi, a bare-metal hypervisor used by a broad range of organizations throughout the world, has become the target of such ransomware families as LockBit, Hive, and RansomEXX. The ubiquitous use of the technology, and the size of some companies that use it has made it an efficient way for crooks to infect large numbers of virtualized systems and connected devices and equipment, according to researchers with Trend Micro.

    "ESXi is widely used in enterprise settings for server virtualization," Trend Micro noted in a write-up this week. "It is therefore a popular target for ransomware attacks … Compromising ESXi servers has been a scheme used by some notorious cybercriminal groups because it is a means to swiftly spread the ransomware to many devices."

    Continue reading
  • Twitter founder Dorsey beats hasty retweet from the board
    As shareholders sue the social network amid Elon Musk's takeover scramble

    Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.

    Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair. 

    In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today. 

    Continue reading
  • Snowflake stock drops as some top customers cut usage
    You might say its valuation is melting away

    IPO darling Snowflake's share price took a beating in an already bearish market for tech stocks after filing weaker than expected financial guidance amid a slowdown in orders from some of its largest customers.

    For its first quarter of fiscal 2023, ended April 30, Snowflake's revenue grew 85 percent year-on-year to $422.4 million. The company made an operating loss of $188.8 million, albeit down from $205.6 million a year ago.

    Although surpassing revenue expectations, the cloud-based data warehousing business saw its valuation tumble 16 percent in extended trading on Wednesday. Its stock price dived from $133 apiece to $117 in after-hours trading, and today is cruising back at $127. That stumble arrived amid a general tech stock sell-off some observers said was overdue.

    Continue reading

Biting the hand that feeds IT © 1998–2022