He discovered a serious flaw in Huawei equipment, which could cause the entire carrier to shut down if attacked

Tram Ho

According to a report from the UK government, security experts in this country have discovered a “national stature” vulnerability when analyzing the technology in Huawei’s network equipment. Not only that, the increase in the number and severity of these vulnerabilities every year also makes these experts not trust Huawei’s technological capabilities.

This report was produced by the Huawei Network Security Assessment Center (HCSEC) under the British Signal Intelligence Agency GCHQ. HCSEC is the center established by the British government in cooperation with Huawei to evaluate the equipment to be used in the country’s network. Every year, HCSEC will provide analysis reports on Huawei’s cybersecurity software, engineering and processes to identify threats to the UK network infrastructure.

Anh phát hiện lỗ hổng nghiêm trọng trong thiết bị Huawei, có thể khiến cả nhà mạng phải dừng hoạt động nếu bị tấn công - Ảnh 1.

Usually, when a vulnerability is found, HCSEC will report it to NCSC (UK National Cyber ​​Security Center), telecom companies and Huawei to fix it. But given the ” national stature ” vulnerabilities above, the details of the vulnerability will be delayed to Huawei until the UK security community finds a way to mitigate the impact. According to the BBC, this vulnerability is related to broadband connectivity.

In addition, the management of this Center said that they can only ” limited ” guarantee that the risks related to UK national security from using Huawei equipment can be mitigated. long term.

Given the number and severity of vulnerabilities, along with problems in architecture and construction, being discovered increasingly by a relatively small group in HCSEC is particularly troubling. If an attacker is aware of these vulnerabilities and is able to exploit them, they could impact the operation of a UK network, and in some cases even shut down the network operator works completely . ”

However, officials do not believe that anyone has exploited the flaw.

Anh phát hiện lỗ hổng nghiêm trọng trong thiết bị Huawei, có thể khiến cả nhà mạng phải dừng hoạt động nếu bị tấn công - Ảnh 2.

However, the report also said that the findings are related to Huawei’s technical capabilities and cybersecurity level – rather than errors being intentionally incorporated into the system. ” Solid evidence of poor encryption has been found, including evidence that Huawei continues to not adhere to its own internal secure encryption principles, despite a number of improvements. small compared to previous years . ”

HCSEC said in 2019 it identified ” critical vulnerabilities that users face ” in fixed access products. This is due to ” poor programming quality ” and the use of an outdated operating system, the report claims.

Even though the report is only for Huawei devices for 2019, Huawei’s position as a key supplier of network technology in the UK has been seriously shaken. In July, the government ordered carriers to stop purchasing 5G equipment from the Chinese company by 2021. In addition, carriers must also remove all Huawei technology from their 5G networks within the next seven years.

Refer to ZDNet

Share the news now

Source : Genk