Politicians and security officials have expressed outrage after details of a sensitive meeting—held to decide whether the UK should permit Huawei equipment in national 5G networks—were leaked to the press.
Minutes from a National Security Council (NSC) session appeared in newspapers on Wednesday, just one day after the closed-door meeting. Prime Minister Theresa May attended the meeting, where security chiefs debated whether Huawei presents a substantial risk to national security.
Jon Trickett, Labour’s shadow Cabinet Office minister, condemned the leak and criticised the government:
“This Conservative government has once again shown it cannot unite to protect the public interest.
Matters of national security must be treated with the utmost care, not used as political ammunition in an internal Tory Party fight.
The government should launch a full investigation to identify those responsible for these leaks, or risk further eroding what little authority it has left.”
Allied countries such as the United States and Australia have already banned Huawei from their official networks, citing national security concerns. These governments argue Huawei is influenced by Beijing and could be compelled to facilitate espionage if requested by Chinese authorities.
Conservative elder Sir Nicholas Soames told the BBC that the leak would “cause our friends and allies to wonder if we can be considered reliable.”
As members of the Five Eyes intelligence alliance, the US and Australia have pressed the UK to prohibit Huawei. Canada, another Five Eyes partner, plans to allow Huawei under stringent oversight similar to the controls applied to some 4G network suppliers.
Rob Joyce, a senior adviser at the US National Security Agency, told the Financial Times: “What we will be insistent on is UK decisions can’t put our information at risk but the good news is that the UK already understands that.”
The leaked NSC information suggested the UK is likely to permit Huawei to build “non-core” elements of its national 5G infrastructure—an approach similar to Canada’s position.
Existing Huawei equipment used in the UK is subject to inspection for backdoors by security specialists at the Huawei Cyber Security Evaluation Centre (HCSEC) in Banbury.
HCSEC publishes annual reports assessing the company’s products and processes. For several years the centre identified only minor issues and concluded risks could be mitigated. However, concerns about Huawei’s engineering practices recently led HCSEC to state it could no longer provide the same level of assurance.
Last year a Canadian intelligence official argued that excluding Huawei altogether could paradoxically increase security risk. By using a diverse set of vendors, the impact of a compromise in any one supplier’s equipment would be reduced across the wider network.
Mrs May’s effective deputy, David Lidington, said no final decision on Huawei has been made. He explained that the government’s review aims to increase “resilience and, critically, diversity in the entire supply chain.”
He also noted that, from a legal perspective, Huawei is a private company rather than a state-owned enterprise.
The government has not ruled out launching a criminal investigation to identify the source of the leak.
Interested in hearing industry leaders discuss topics like this? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series, with upcoming events in Silicon Valley, London, and Amsterdam.