THE UK GOVERNMENT will investigate a British cyber security centre run by Chinese network equipment giant Huawei due to concerns over the security of its network hardware and services.
The review was called for by Parliament's Intelligence and Security Committee (ISC) in a report, which claimed that the Chinese firm's Cyber Security Evaluation Centre called the Cell, based in Oxfordshire, failed to provide enough proof that it is protecting UK telecoms, thus leaving them potentially vulnerable to cyber attack.
The government has welcomed the report and backed its findings. "The UK government has been able to leverage Huawei's reputational concerns to encourage it to invest in the Cyber Security Evaluation Centre and become more transparent about its equipment and business practices," read a government statement.
"This is a significant achievement. However, we question why the Cell is only now approaching full functionality, over seven years after the BT contract was awarded."
The government has therefore recommended that the National Security Adviser conduct a substantive review of the effectiveness of the Cell "as a matter of urgency...given these delays and the lack of evidence so far that it will be able to provide the level of security assurance required".
The Cell was originally created in 2010 after security concerns arose regarding Huawei technology used in BT and EE networks.
US politicians have since claimed that the company posed a threat because of links to China's government and military. The allegations are based, in part, on the fact that the company's founder, Ren Zhengfei, was a former member of the People's Liberation Army.
Nevertheless, Huawei has denied having close ties to the Chinese state and has stressed that it is 98.6 percent owned by its employees.
However, the ISC highlighted the fact that the Cell's staffing is a particular concern, and argued that the UK Government Communications Headquarters (GCHQ) must have further involvement.
"Before seeking clarification, we assumed that Huawei funded the Cell but that it was run by GCHQ. A self-policing arrangement is highly unlikely either to provide, or to be seen to be providing, the required levels of security assurance. We therefore strongly recommend that the staff in the Cell are GCHQ employees," an ISC report said.
"GCHQ must have greater oversight of the Cell and be formally tasked to provide assurance, validation and audit of its work, and the government must be involved in the selection of its staff, to ensure continued confidence in the Cell."
A Cabinet Office spokesman said that the government supports the ISC's findings and plans to follow its recommendation.
"We take threats to our Critical National Infrastructure very seriously and need to be responsive to changes in a fast-moving and complex, globalised telecommunications marketplace. We have robust procedures in place to ensure confidence in the security of UK telecommunications networks," said the spokesman.
"However, we are not complacent and as such we have agreed to the main recommendation of the report to conduct a review of Huawei's Cyber Security Evaluation Centre (the ‘Banbury Cell') to give assurance that we have the right measures and processes in place to protect UK telecommunications."
In response to the ISC report findings and government statement, Huawei said it is continuously working to improve its technological security.
"Huawei shares the same goal as the UK government and the ISC in raising the standards of cyber security in the UK and ensuring that network technology benefits UK consumers. Huawei is open to new ideas and ways of working to improve cyber security," the firm said.
The government's security concerns regarding Huawei most likely have been escalated by the recent exposure of the US National Security Agency (NSA) PRISM data collection programme, which has seen a call for transparency by high profile technology firms including Mozilla, Apple, Reddit, Yahoo, Microsoft, Google and Facebook. µ
Sign up for INQbot – a weekly roundup of the best from the INQ