No decision has been taken by security officials on whether to recommend to the U.K. government it should ban Chinese telecom giant Huawei Technologies Co, according to the country’s cyber security chief.
The National Cyber Security Centre Chief Executive Officer Ciaran Martin said at a cybersecurity conference in Brussels Wednesday that “everything is on the table,” adding that the U.K. “will not compromise on the improvements we need to see from Huawei.”
A report on the resilience and security of Britain’s telecoms supply chains is due to conclude in March. Digital Secretary Jeremy Wright will use it to make recommendations to the National Security Council, as the country introduces its fifth-generation telecom networks. Huawei faces bans in Japan, Australia, New Zealand and the U.S. over fears the Chinese government could use its systems to spy on other countries.
“5G security is not a simple, binary choice,” Martin said. “It is about complex technical functions, a complex global threat environment, and a complex global market. One thing is clear: the way that market works has to change. Security must be a bigger consideration in market decisions in the future than it has been to date.”
Over the last two years the government has attributed state-sponsored malicious cyber activity against the U.K. to Russia, China, North Korea and Iran. Last year some U.K. networks — including telecommunication systems — were attacked by Russia, Martin said.
“As far as we know, those networks didn’t have any Russian kit in them, anywhere,” he said. “The techniques the Russians used to target those networks were looking for weaknesses.”
The annual report by the Huawei Cyber Security Evaluation Centre Oversight Board into how the company conducts its U.K. operations is expected to criticize its failure to act on shortcomings outlined in the previous report, a person familiar with its conclusions said in January.
“These problems are about the standard of cyber security; they are not indicators of hostile activity by China,” he said. “Should the supplier market consolidate to such an extent that there are only a tiny number of viable options, that will not make for good cyber security, whether those options are Western, Chinese, or from anywhere else.”