From The Verge: A UK government cybersecurity watchdog has once again raised serious concerns about Huawei’s security practices, the Financial Times reports. The report comes from the Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board, an organisation set up by the UK’s National Cyber Security Centre to evaluate the security risks posed by using Huawei’s equipment in critical national infrastructure.
HCSEC’s report does not claim to have found any direct evidence of state-backed espionage. However, what it does do is criticize Huawei’s “basic engineering competence and cyber security hygiene,” which could be exploited in a future cybersecurity attack. In particular:
“HCSEC has continued to find serious vulnerabilities in the Huawei products examined. Several hundred vulnerabilities and issues were reported to UK operators to inform their risk management and remediation in 2018. Some vulnerabilities identified in previous versions of products continue to exist.”
The report notes that, “If an attacker has knowledge of these vulnerabilities and sufficient access to exploit them, they may be able to affect the operation of the network” and even “access user traffic or reconfiguration of the network elements.” However, it also said that the security management of UK operators “makes exploitation of vulnerabilities harder.”
View: Article @ Source Site
