Expense Manager Services

Getting a handle on Unmanaged Spend through Expense Manager Services

Australia

telecommunications

No technical reason to exclude Huawei as 5G supplier, says UK committee

A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.

In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”

Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.

If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for the exclusion so that it could be applied to other suppliers in future.

Reached for a response to the recommendations, a government spokesperson told us: “The security and resilience of the UK’s telecoms networks is of paramount importance. We have robust procedures in place to manage risks to national security and are committed to the highest possible security standards.”

The spokesperson for the Department for Digital, Media, Culture and Sport added: “The Telecoms Supply Chain Review will be announced in due course. We have been clear throughout the process that all network operators will need to comply with the Government’s decision.”

In recent years the US administration has been putting pressure on allies around the world to entirely exclude Huawei from 5G networks — claiming the Chinese company poses a national security risk.

Australia announced it was banning Huawei and another Chinese vendor ZTE from providing kit for its 5G networks last year. Though in Europe there has not been a rush to follow the US lead and slam the door on Chinese tech giants.

In April leaked information from a UK Cabinet meeting suggested the government had settled on a policy of granting Huawei access as a supplier for some non-core parts of domestic 5G networks, while requiring they be excluded from supplying components for use in network cores.

On this somewhat fuzzy issue of delineating core vs non-core elements of 5G networks, the committee writes that it “heard unanimously and clearly” from witnesses that there will still be a distinction between the two in the next-gen networks.

It also cites testimony by the technical director of the UK’s National Cyber Security Centre (NCSC), Dr Ian Levy, who told it “geography matters in 5G”, and pointed out Australia and the UK have very different “laydowns” — meaning “we may have exactly the same technical understanding, but come to very different conclusions”.

In a response statement to the committee’s letter, Huawei SVP Victor Zhang welcomed the committee’s “key conclusion” before going on to take a thinly veiled swiped at the US — writing: “We are reassured that the UK, unlike others, is taking an evidence based approach to network security. Huawei complies with the laws and regulations in all the markets where we operate.”

The committee’s assessment is not all comfortable reading for Huawei, though, with the letter also flagging the damning conclusions of the most recent Huawei Oversight Board report which found “serious and systematic defects” in its software engineering and cyber security competence — and urging the government to monitor Huawei’s response to the raised security concerns, and to “be prepared to act to restrict the use of Huawei equipment if progress is unsatisfactory”.

Huawei has previously pledged to spend $2BN addressing security shortcomings related to its UK business — a figure it was forced to qualify as an “initial budget” after that same Oversight Board report.

“It is clear that Huawei must improve the standard of its cybersecurity,” the committee warns.

It also suggests the government consults on whether telecoms regulator Ofcom needs stronger powers to be able to force network suppliers to clean up their security act, writing that: “While it is reassuring to hear that network operators share this point of view and are ready to use commercial pressure to encourage this, there is currently limited regulatory power to enforce this.”

Another committee recommendation is for the NCSC to be consulted on whether similar security evaluation mechanisms should be established for other 5G vendors — such as Ericsson and Nokia: Two European based kit vendors which, unlike Huawei, are expected to be supplying core 5G.

“It is worth noting that an assurance system comparable to the Huawei Cyber Security Evaluation Centre does not exist for other vendors. The shortcomings in Huawei’s cyber security reported by the Centre cannot therefore be directly compared to the cyber security of other vendors,” it notes.

On the issue of 5G security generally the committee dubs this “critical”, adding that “all steps must be taken to ensure that the risks are as low as reasonably possible”.

Where “essential services” that make use of 5G networks are concerned, the committee says witnesses were clear such services must be able to continue to operate safely even if the network connection is disrupted. Government must ensure measures are put in place to safeguard operation in the event of cyber attacks, floods, power cuts and other comparable events, it adds. 

While the committee concludes there is no technical reason to limit Huawei’s access to UK 5G, the letter does make a point of highlighting other considerations, most notably human rights abuses, emphasizing its conclusion does not factor them in at all — and pointing out: “There may well be geopolitical or ethical grounds… to enact a ban on Huawei’s equipment”.

It adds that Huawei’s global cyber security and privacy officer, John Suffolk, confirmed that a third party had supplied Huawei services to Xinjiang’s Public Security Bureau, despite Huawei forbidding its own employees from misusing IT and comms tech to carry out surveillance of users.

The committee suggests Huawei technology may therefore be being used to “permit the appalling treatment of Muslims in Western China”.

Read more: https://techcrunch.com/2019/07/15/no-technical-reason-to-exclude-huawei-as-5g-supplier-says-uk-committee/

telecommunications

Internet connectivity projects unite as Alphabet spinout Loon grabs $125M from SoftBanks HAPSMobile

Two futuristic projects are coming together to help increase global internet access after Loon, the Google spinout that uses a collection of floating balloons to bring connectivity to remote areas, announced it has raised money from a SoftBank initiative.

HAPSMobile, a SoftBank project that is also focused on increasing global connectivity, is investing $125 million into Loon, according to an announcement from SoftBank made this morning. The agreement includes an option for Loon to make a reciprocal $125 million investment in HAPSMobile and it includes co-operation plans, details of which are below.

HAPSMobile is a one-year-old joint venture between SoftBank and U.S. company AeroVironment . The company has developed a solar-powered drone that’s designed to deliver 5G connectivity in the same way Facebook has tried in the past. The social network canceled its Aquila drone last year, although it is reported to have teamed up with Airbus for new trials in Australia.

Where Facebook has stumbled, HAPSMobile has made promising progress. The company said that its HAWK 30 drone — pictured below in an impression — has completed its initial development and the first trials are reportedly set to begin this year.

Loon, meanwhile, was one of the first projects to go after the idea of air-based connectivity with a launch in 2013. The business was spun out of X, the “moonshot” division of Alphabet, last year and, though it is still a work in progress, it has certainly developed from an initial crazy idea conceived within Google.

Loon played a role in connecting those affected by flooding in Peru in 2017 and it assisted those devastated by Hurricane Maria in Puerto Rico last year. Loon claims its balloons have flown more than 30 million kms and provided internet access for “hundreds of thousands” of people across the world.

In addition to the capital investment, the two companies have announced a set of initiatives that will help them leverage their collective work and technology.

For starters, they say they will make their crafts/balloons open to use for the other — so HAPSMobile can tap Loon balloons for connectivity and vice-versa — while, connected to that, they will jointly develop a communication payload across both services. They also plan to develop a common ground station that could work with each side’s tech and develop shared connectivity that their airborne hardware can tap.

Loon has already developed fleet management technology because of the nature of its service, which is delivered by a collection of balloons, and that will be optimized for HAPSMobile.

The premise of HAPSMobile is very much like Loon

Outside of tech, the duo said they will create an alliance “to promote the use of high altitude communications solution with regulators and officials worldwide.”

The investment is another signal that shows SoftBank’s appetite in tech investing is not limited to up-and-coming startups via its Vision Fund; more established ventures are indeed also in play. Just yesterday, the Vision Fund announced plans to invest $1 billion in German payment firm Wirecard and its past investments include ARM and Nvidia, although SoftBank has sold its stake in the latter.

Read more: https://techcrunch.com/2019/04/24/alphabet-spinout-loon-grabs-125m-from-softbank/

telecommunications

UK gives Huawei an amber light to supply 5G

The U.K. government will allow Huawei to be a supplier for some non-core parts of the country’s 5G networks, despite concerns that the involvement of the Chinese telecoms vendor could pose a risk to national security. But it will be excluded from core parts of the networks, according to reports in national press.

The news of prime minister Theresa May’s decision made during a meeting of the National Security Council yesterday was reported earlier by The Telegraph. The newspaper said multiple ministers raised concerns about her approach — including the Home Secretary, Foreign Secretary, Defence Secretary, International Trade Secretary and International Development Secretary.

The FT reports that heavy constraints on Huawei’s involvement in U.K. 5G networks reflect the level of concern raised by ministers.

May’s decision to give an amber light to Huawei’s involvement in building next-gen 5G networks comes a month after a damning report by a U.K. oversight body set up to evaluate the Chinese company’s approach to security.

The fifth annual report by the Huawei Cyber Security Evaluation Centre Oversight Board blasted “serious and systematic defects” in its software engineering and cyber security competence.

Though the oversight board stopped short of calling for an outright ban — despite saying it could provide “only limited assurance that all risks to U.K. national security from Huawei’s involvement in the U.K.’s critical networks can be sufficiently mitigated long-term.”

But speaking at a cybersecurity conference in Brussels in February, Ciaran Martin, the CEO of the U.K.’s National Cyber Security Centre (NCSC), expressed confidence U.K. authorities can mitigate any risk posed by Huawei.

The NCSC is part of the domestic GCHQ signals intelligence agency.

Dr. Lukasz Olejnik, an independent cybersecurity advisor and research associate at the Center for Technology and Global Affairs at Oxford University, told TechCrunch he’s not surprised by the government’s decision to work with Huawei.

“It’s a message that was long-expected,” he said. “U.K. officials have been carefully sending signals in the previous months. In a sense, this makes us closer to the end of the 5G drama.”

“With proper management most risk can be mitigated. It all depends on the strategic planning,” he added.

“I believe the level of [security] responsibility at telecoms will remain similar to today’s. The main message expected by telecoms is clarity to enable them to move on with infrastructure.”

The heaviest international pressure to exclude the Chinese vendor from next-gen 5G networks has been coming from the U.S., where President Trump has been leaning on key intelligence-sharing allies to act on espionage fears and shut out Huawei — with some success.

Last year Australia and New Zealand both announced bans on Chinese kit vendors citing national security fears.

But in Europe governments appear to be leaning in another direction: toward managing and mitigating potential risks rather than shutting the door completely.

The European Commission has also eschewed pushing for a pan-EU ban — instead issuing recommendations encouraging member states to step up individual and collective attention on network security to mitigate potential risks.

It has warned too — and conversely — of the risk of fragmentation to its flagship “digital single market” project if member state governments decide to slam doors on their own. So, at the pan-EU level, security considerations are very clearly being weighed against strategic commercial imperatives and technology priorities.

Equally, individual European governments appear to have little appetite to throw a spanner in the 5G works, given the risk of being left lagging as cellular connectivity evolves and transforms — an upgrade that’s expected to fuel and underpin developments in artificial intelligence and big data analysis, among other myriad and much-hyped benefits.

In the U.K.’s case, national security concerns have been repeatedly brandished as justification for driving through domestic surveillance legislation so draconian that parts of it have later been unpicked by both U.K. and EU courts. Even if the same security concerns are here, where 5G networks are concerned, being deemed “manageable” — rather than grounds for a similarly draconian approach to technology procurement.

It’s not clear at this stage how extensively Huawei will be involved in supplying and building U.K. 5G networks.

The NCSC sent us the following statement in response to questions:

National Security Council discussions are confidential. Decisions from those meetings are made and announced at the appropriate time through the established processes.

The security and resilience of the UK’s telecoms networks is of paramount importance.

As part of our plans to provide world class digital connectivity, including 5G, we have conducted an evidence based review of the supply chain to ensure a diverse and secure supply base, now and into the future. This is a thorough review into a complex area and will report with its conclusions in due course.

“How ‘non-core’ will be defined is anyone’s guess but it would have to be clearly defined and publicly communicated,” Olejnik also told us. “I would assume this refers to government and military networks, but what about safety communication or industrial systems, such as that of power plants or railroad? That’s why we should expect more clarity.”

Read more: https://techcrunch.com/2019/04/24/uk-gives-huawei-an-amber-light-to-supply-5g/