A UK cybersecurity expert has criticised Huawei’s engineering as “very, very shoddy,” and said this “poor engineering” could lead to its equipment being banned from Westminster and other sensitive parts of the UK.
Dr. Ian Levy, the technical director of GCHQ’s National Cyber Security Centre (NCSC), said Huawei’s poor engineering was more of a concern than any potential threats from the company’s products being used to conduct espionage on behalf of the Chinese government.
“The security in Huawei is like nothing else – it’s engineering like it’s back in the year 2000,” Levy told the BBC’s Panorama programme. “It’s very, very shoddy and leads to cybersecurity issues that we then have to manage long term. It’s just poor engineering.”
Dr. Levy added that ministers could consider “geographic restrictions”, such as banning Huawei’s products from Westminster.
“We’ve seen nothing to give us any confidence that the transformation programme is going to do what they say it’s going to do.”
The US government continues to add pressure on allies to not use Huawei’s equipment due to ‘security concerns’, while UK network operators say it could delay 5G launches by up to two years, which could cost the UK between £4.5bn and £6.8bn.
The UK government is expected to reveal in May whether it will restrict or ban the firm’s 5G technology.
British security officials have heavily criticised the company for failing to fix long-standing security flaws in its equipment, but said security risks posed by Huawei can be managed and that there’s no evidence of malicious activity from the company.
In its fifth annual report, the Huawei Cyber Security Evaluation Centre (HCSEC), which works with the NCSC to manage Huawei’s equipment, highlighted “major defects” in the quality of Huawei’s cybersecurity and software engineering and “concerning issues in Huawei’s approach to software development”.
Fighting back against allegations
A spokesperson for the company said it took the concern raised in the report very seriously and that they would be addressed by the previously announced $2bn (£1.52bn) transformation programme.
In the last couple of months, the company has been fighting back against the US government’s allegations, and Ryan Ding, head of Huawei’s carrier division, dismissed claims that its equipment could contain “backdoors” for spying and said the US objections are misplaced.
“We have a country here [the US] that virtually uses no Huawei equipment and doesn’t even know whether our 5G equipment is square or round, and yet it has been incessantly expressing security concerns over Huawei,” he told the programme.
“I don’t want to speculate on whether they have other purposes with this kind of talk. I would rather focus the limited time that I have on making better products,” he added.