EU warns hostile countries are 5G risk, avoids naming names
An exhibitor booth with a 5G on display at the Smart China Expo, on Aug. 27, 2019. (Chinatopix via AP)
LONDON -- The European Union warned Wednesday that next-generation telecommunication networks face a range of cyber threats, including from hostile countries.
While steering clear of singling out Chinese tech company Huawei, an EU security risk assessment identified "states or state-backed actors" as the most serious and likely culprits to carry out sophisticated attacks on new 5G networks.
The report didn't name specific countries. It only briefly mentioned Huawei as one of the main suppliers of 5G equipment, alongside Finland's Nokia and Sweden's Ericsson.
Huawei, the world's biggest maker of telecom network gear, has been at the centre of a furious geopolitical battle between the U.S. and China. The U.S. government has been lobbying allies in Europe and elsewhere to shun Huawei over concerns its equipment might aid Chinese electronic spying, claims that the company has consistently denied.
Fifth-generation mobile networks will allow ultrafast download speeds and less signal delay -- advances that pave the way for innovations such as self-driving cars, factory robots and remote surgery. But 5G technology will also depend more heavily on software, which brings new security risks, the report said.
"Hostile third countries may exercise pressure on 5G suppliers in order to facilitate cyberattacks serving their national interests," the report said.
It cited a possible risk scenario in which a "hostile state actor" pressures a supplier "under its jurisdiction to provide access to sensitive network assets through (either purposefully or unintentionally) embedded vulnerabilities."
At a briefing in Brussels, EU officials deflected repeated questioning by journalists about why they couldn't be more explicit in spelling out whether Huawei posed a risk.
"I don't think you can accuse us of ducking the issues. The issues are spelled out pretty clearly," said EU Security Commissioner Julian King, pointing to the report's section on "non-technical factors."
He said they wanted to make a detailed, step-by step, risk-based analysis rather than "jumping to conclusions."
U.S. officials were given the opportunity to brief EU member states as they carried out national risk assessments for the bloc-wide report, said Minna Kivimaki, the deputy permanent representative from Finland, which holds the rotating EU presidency, without providing more details.
Huawei said it welcomed the report.
"We are pleased to note that the EU delivered on its commitment to take an evidence-based approach, thoroughly analyzing risks rather than targeting specific countries or actors," it said in a statement.