EU warning over 5G security risks from state-backed entities

EU report warns that non-EU firms bidding for 5G network contracts could be "subject to interference" when they have strong ties to government - but doesn't mention Huawei or ZTE

The European Union has published a joint risk-assessment warning that 5G networks could be at risk from suppliers with strong links to national governments.

However, the report, which was clearly aimed at highlighting the risks posed from using hardware and services supplied by Chinese telecoms companies, stopped short from naming Huawei and ZTE.

The report - prepared by an EU security group - highlighted the increased security risks posed by well-resourced state-backed entities and called for a new approach to securing telecoms infrastructure in the EU.

The report stressed that non-EU companies bidding for 5G network contracts could be "subject to interference" when they have strong ties to their government, or work in a system that lacks "democratic checks and balances".

"Among the various potential actors, non-EU states or state-backed are considered as the most serious ones and the most likely to target 5G networks," the European Commission and Finland, which currently holds the EU presidency, said in a joint statement, according to Reuters.

The report highlights the need for the EU member states to build long-term trust relationships with 5G technology suppliers and to go for diversity in equipment and solutions. It warns that leaving a 5G network in the end-to-end hands of a single vendor would be risky.

The EU states plan to publish a paper by the end of the year that will explore in detail the specific steps required to deal with the security risks. That report may also name particular products it regards as insecure.

Huawei has welcomed the EU's latest report, stating that it is always ready to work jointly with European partners on the issue of 5G network security.

The company reiterated that cyber security has been a top priority.

However, Huawei has failed to satisfy the US government, which has strongly argued that Huawei could be forced by the Chinese government to hack its customers through "back doors" preinstalled on Huawei's products.

In May, the US Commerce Department put Huawei on its "Entity List" of firms that need special permission from the government to buy US technology and components.

President Trump has also repeatedly called on friendly states and the European Union to bar Huawei from their upcoming 5G infrastructure projects.

Earlier this week, authorities in the Czech Republic barred Huawei and ZTE from two public tenders for communications systems on security grounds.

The tenders were worth seven million crowns (£240,000), and were launched last month by the Prague airport management.

China's Hikvision was also this week placed on US blacklists over its role in human rights violations against Uyghur people in China's north-eastern Xingjiang province.

Last year, New Zealand's intelligence agency turned down the request of a telecom firm to use Huawei equipment in its 5G network, citing national security concerns. That followed a similar decision by authorities in Australia.