Is there an unsecured wireless network near you?
Telcos face £100k-a-day fines unless they obey new UK.gov rules on how to deploy Huawei 5G gear in their networks
Tuesday, 24 November 2020 22:27

Not content with its planned ban on Huawei equipment in the UK's 5G phone networks, the British government now wants to threaten Huawei-using telcos with fines of £100,000 a day unless they follow binding new rules on how existing kit can be used.

A new law being laid in Parliament today will allow the government to write binding security rules that shut so-called "high risk" vendors' equipment out of parts of networks – and could even dictate how their existing equipment can be used within telcos' networks.

Oliver Dowden, Culture Secretary, aka Secretary of State for Digital, Culture, Media and Sport, boasted in a canned statement: "This groundbreaking bill will give the UK one of the toughest telecoms security regimes in the world and allow us to take the action necessary to protect our networks."

As well as targeting gear with backdoors, the new laws will also let regulators including Ofcom target telco equipment running poorly written firmware. Such firmware is said to be widespread in Huawei's network equipment, as revealed in 2019's Huawei Cyber Security Evaluation Centre report and reinforced in this year's follow-up.

National Cyber Security Centre technical director Dr Ian Levy said in a canned statement: "The roll-out of 5G and gigabit broadband presents great opportunities for the UK, but as we benefit from these we need to improve security in our national networks and operators need to know what is expected of them. We are committed to driving up standards and this bill imposes new telecoms security requirements, which will help operators make better risk management decisions."

The new Bill will, the Ministry of Fun** told the press, be written as a framework allowing civil servants to create legally binding codes of practice without Parliamentary oversight. It said these requirements will be set out in secondary legislation, but are likely to involve companies acting to:

  • securely design, build and maintain sensitive equipment in the core of providers' networks which controls how they are managed;
  • reduce the risks that equipment supplied by third parties in the telecoms supply chain is unreliable or could be used to facilitate cyber attacks;
  • carefully control who has permission to access sensitive core network equipment on site as well as the software that manages networks;
  • make sure they are able to carry out security audits and put governance in place to understand the risks facing their public networks and services; and
  • keep networks running for customers and free from interference, while ensuring confidential customer data is protected when it is sent between different parts of the network.

All new purchases of Huawei mobile network equipment for UK networks will be banned from the end of this year under existing laws. By the year 2027 all "high-risk vendor" kit will be stripped out of Britain's networks altogether.

Frantic at the notion of being shut out of a lucrative, Western market, Huawei has been busy commissioning study after study "proving" that kicking it out of Britain's telco networks would be bad for the economy.

If the UK government is genuinely concerned about the perceived secuirty risks of integrating Huawei kit, and not acting on ongoing pressure from the US administration, it is no small wonder that telcos in Britain have until 2027 to eradicate Huawei from their networks. ®

Source: https://bit.ly/33cFKCB