Europe’s telecoms companies want to do business with China’s Huawei. That may have just gotten harder.
Vodafone (VOD) and Huawei confirmed Tuesday that the phone company discovered vulnerabilities in Huawei software in 2011 and 2012, following a report from Bloomberg News.
The problems were routine and promptly fixed, the companies said. But the disclosure could give the United States more ammunition in its campaign to block Huawei from next-generation 5G networks in Europe because of fears that China could use the technology for spying or sabotage.
“It will be pointed to as … yet another past security concern around Huawei,” said Paul Triolo, head of the geotechnology practice at consultancy Eurasia Group.
Many of the biggest telecoms companies in Europe use Huawei components in their existing networks, and would like the option to use the Chinese company’s products to build the super-fast 5G services that will power self-driving cars and future smart cities.
“The telecom community has been very supportive of Huawei,” said Dario Talmesio, an analyst at market research group Ovum. “Without Huawei, they don’t have enough diversity of suppliers.”
Huawei is the world’s largest supplier of telecoms equipment, and its market share in Europe is estimated at between 35% and 40%.
The company’s presence in Europe is helping to keep down costs, telecom providers say. And having components from multiple suppliers can make networks less vulnerable to attacks.
Yet their ability to keep doing business with Huawei has been put into doubt by a bruising political fight.
The Trump administration has repeatedly warned allied countries that the United States could restrict intelligence sharing if they permit the use of Huawei equipment in their 5G networks.
The United States claims that the Chinese government could use Huawei devices for spying, allegations the company has denied. European countries have not yet agreed to the US demands.
The United Kingdom reportedly settled on a compromise approach last week that would ban products made by Huawei from “core” 5G infrastructure, but allow them in less sensitive parts of the network.
EU officials have directed countries to complete 5G risk assessments, and conduct a wider security review by the end of December that will include steps to safeguard 5G networks.
Telecoms companies, meanwhile, have been forced to walk a political tightrope.
BT (BT) said in December that it would not buy Huawei equipment for the core of its 5G network, even though a top executive at the company later said he had seen no “cause for concern.”
Europe’s biggest wireless provider Vodafone followed in January with an announcement that it would pause the installation of Huawei equipment in its core networks in Europe, given the political uncertainty surrounding the Chinese company.
Issues in Italy
Bloomberg reported Tuesday that Vodafone (VOD) found “hidden backdoors” in Huawei software that could have given Huawei unauthorized access to one of its networks in Italy that provides internet service.
Huawei’s critics are likely to seize on the report as evidence that the company presents a security risk. Vodafone, however, quickly pushed back on the story.
The company said in a statement that the issues were identified via routine security testing and resolved in 2011 and 2012. It said there was no evidence of any unauthorized access.
Huawei said in a statement that the issues were addressed years ago. “Software vulnerabilities are an industry-wide challenge,” a spokesperson said.
For European companies inclined to stand by Huawei, it’s another headache.
“[The] Vodafone claims could reopen many of the discussions that were archived as recently as last week,” Talmesio said.