UK mobile networks ‘must rethink’ 5G readiness

Telecommunications providers need to re-evaluate their approach to cybersecurity, with more resilience and diversity in the supplier market.
26 February 2019

Silhouette of 5G smart cellular network antenna base station. Source: Shutterstock

In this era of globalized technology, next-generation telecommunications standards such as 5G will have a huge impact on businesses, governments and individuals the world over.

In the UK, there has been much said about the security of its future 5G networks and the associated risks; the ongoing Huawei saga— and alleged threat of Chinese interference—  being part of that equation.

In a recent and frank speech at CyberSec in Brussels, the CEO of the UK’s National Cyber Security Centre (NCSC), Ciaran Martin, urged mobile networks in the telecommunications sector to rethink their position.

“If you’ve built a telecommunications network in a way that the compromise of one supplier can cause catastrophic national harm, then you’ve built it the wrong way,” he said.

Martin believes that there are three technical pre-conditions for secure 5G networks. Firstly, there must be higher standards of cybersecurity across the entire telecommunications sector.

“The biggest threat to our cybersecurity is weak cybersecurity […] that is the real lesson of the 1,200 cybersecurity incidents […] the market does not currently incentivize good cybersecurity and this has to change,” he added.

Secondly, Martin said its time for telecoms networks to become more resilient. He says that it’s only natural for global supply chains to have multiple vulnerabilities, whether intentionally or unintentionally.

“But the networks can and should be designed in a way that will cauterize the damage […] resilience is key,” he said.

A third pre-condition flows from that. Martin believes there must be a ‘sustainable diversity’ in the supplier market.

“Any company in an excessively dominant market position will not be incentivized to take cybersecurity seriously,” he explained.

Martin said these pre-conditions are technical, generic, and they are about the technology, the architecture and the structure of the telecommunications networks.

On mitigating the risks posed by Huawei’s presence in UK networks, Martin said that the company’s presence is subjected to a detailed, formal oversight led by the NCSC, adding that 15 years of dealings with the company and ten years of formally agreed mitigation strategies have resulted in the agency having wealth of understanding of the company.

“Our regime is arguably the toughest and most rigorous oversight regime in the world for Huawei,” he stressed, adding that successful 5G adoption will balance on having stronger standards, more resilience, and supplier diversity.

According to Martin, 5G security is not a simple, binary choice. It is about complex technical functions, a complex global threat environment, and a complex global market.

“So, whether it’s future telecommunications infrastructure, or digital security more generally, we want to work with everyone across Europe and beyond to push these changes, to deliver the digital world we all want to see, one that is not just free and prosperous, but safer as well,” he concluded.