Conference: 5G Security Threat is Real and Countries Should Take Heed

Representatives of 30 nations came together in Prague Friday to discuss the need for better supply chain security regarding 5G technology.

The concerns come following the United States’ ban on Chinese tech giant Huawei and its products over fears the company’s products could be used by the Chinese government to gain access to a country’s 5G infrastructure.

In a statement from the security conference in the Czech Republic, representatives said the influence of a supplier from a third country “should be taken into account,” especially in relation to any “absence of cooperation agreements on security.”

“Security and risk assessments of vendors and network technologies should take into account rule of law, security environment, vendor malfeasance and compliance with open, interoperable, secure standards and industry best practices,” the statement said, according to France24.

The non-binding statement, labeled “the Prague Proposals” comes after the United Kingdom joined Germany in allowing Huawei to help build out part of those nations’ 5G infrastructures. Other nations, such as the Czech Republic and non-EU nations Australia and New Zealand, have joined the United States in either outright banning or warning against using the telecom company.

The objections from the United States are a result of Chinese law obligating Huawei to help collect intelligence and provide other security services to the government.

While Huawei says it operates as a “typical international company,” countries like the United States aren’t willing to take the risk that it won’t leverage its access to 5G infrastructure to help Beijing, or that the Chinese government won’t compel the company to do it.

On the heels of the U.K.-Huawei deal, U.K. Secretary of Defense Gavin Williamson was fired for reportedly leaking details of the government’s decision.

In terms of the Prague Proposals, Ciaran Martin, head of the U.K.’s National Cyber Security Centre, said the biggest issue with countries regarding building out 5G infrastructure was not having a large enough pool of vendors who are qualified to do the work.

“There are a range of security challenges which we noted, sometimes they are issues of quality, poor engineering, poor security practices, there are issues and security requirements arising from the need of the vendors to access the operator’s network,” he told Agence France-Presse.