UK report details new and existing Huawei security issues

They could put the country’s telecom infrastructure at risk.

The US has been vocal about its qualms with Chinese tech giant Huawei -- going as far as to charge it with a laundry list of crimes, from stealing trade secrets to wire fraud. But European governments have taken a more moderate approach. That might be changing though. A new report reveals that the UK is unhappy with Huawei's tech and concerned about the risks it brings to the country's telecommunications networks.

The annual report from the Huawei Cyber Security Evaluation Centre (HCSEC) oversight board points out "significant technical issues" in Huawei's engineering process that lead to new telecom risks. Additionally, Huawei failed to address security concerns raised by the board in last year's report. Those concerns centered around software development. As we reported then, Huawei was using an old version of Wind River's VxWorks, a real-time operating system. The version was set to lose access to security updates in 2020, which could open the UK to cyber attacks.

In response, Huawei told Reuters that it takes these concerns "very seriously," and that the report provides "vital input for the ongoing transformation of our software and engineering capabilities." According to Reuters, last year, Huawei pledged to spend more than $2 billion to address the security issues. However, it warned that the process could take up to five years.

As a result of these new and existing concerns, the oversight board said it can "provide only limited assurance that the long-term security risks can be managed in the Huawei equipment currently deployed in the UK." There's no indication of what action, if any, the UK might take, but as we've reported previously, the country tends to favor mitigating risks as opposed to banning Huawei gear altogether. At the very least, the report substantiates the alarms the US has been sounding around Huawei's technology.