The British government announced in late January it will allow the Chinese company Huawei to supply part of the United Kingdom’s next-generation 5G data network – despite the government’s own assessment that the company is a “high risk vendor.” Unless the United Kingdom reverses this penny-wise, pound-foolish decision, one of America’s closest and most militarily capable democratic allies will deliver a victory to the Chinese Communist Party and damage transatlantic security.
Britain’s decision allows high risk Huawei to supply up to 35 percent of non-core components of the U.K.’s 5G network. By limiting Huawei to “periphery” as opposed to “core” elements of the 5G network, U.K. officials believe they can limit security risks.
But that argument is suspect. Some experts warn that peripheral components are also “vulnerable to hard-to-detect attacks that could exfiltrate, reroute, or duplicate sensitive data.” Wherever Huawei’s technology is embedded, the company may have the ability to disrupt 5G functionality at a time of the CCP’s choosing.
Trump administration officials and a bipartisan chorus on Capitol Hill have raised the alarm. Secretary of State Mike Pompeo cautioned last year that allowing Huawei into 5G networks would provide the CCP with “access to steal private or proprietary information, or use ‘kill switches’ to disrupt critical future applications.”
Downing Street evidently finds such arguments from Washington unpersuasive. Notably, however, the United Kingdom is also brushing aside concerns from its own technical experts. An annual oversight report on Britain’s critical national infrastructure noted that the “significant technical issues,” “serious vulnerabilities,” and “engineering defects” in Huawei’s products can be exploited by attackers.
In guidance accompanying the new decision, Britain’s National Cyber Security Centre (NCSC) makes clear that Huawei continues to earn its high risk designation. And these concerns go well beyond Huawei’s poor “cybersecurity and engineering quality.” The NCSC assesses, for example, that the CCP “will continue to carry out cyber attacks against the UK and our interests” and could order Huawei to “act in a way that is harmful to the UK.”
Huawei of course rejects any notion that it is a tool of the party, but the National Cyber Security Centre is correct to worry.
“No company can object … they have to follow the dictates of that government,” explained Robert Strayer, the State Department’s cyber chief. Any assertion of an independent private Chinese company that could stand up to Beijing is absurd and clearly inconsistent with China’s state capitalist model. Indeed, Beijing’s national strategy of “military-civil fusion” makes the idea of a Chinese private sector a dangerous fiction.
But the most serious concern is how Beijing might use its Huawei beachhead in Britain to undermine security and drive a wedge into the U.S.-U.K. special relationship. Defense Secretary Mark Esper warned NATO allies in September that partnering with Chinese technology companies “only jeopardizes military interoperability and intelligence sharing.”