The Security of 5G : Written Evidence Submitted by the University of Strathclyde

Paul, Greig and Irvine, James and Johnson, Richard and Craig, Anthony (2020) The Security of 5G : Written Evidence Submitted by the University of Strathclyde. UK Parliament, London. (https://committees.parliament.uk/writtenevidence/1...)

[thumbnail of Paul-etal-2020-Security-of-5G-networks-written-evidence-submitted-by-the-university-of-strathclyde]
Preview
Text. Filename: Paul_etal_2020_Security_of_5G_networks_written_evidence_submitted_by_the_university_of_strathclyde.pdf
Final Published Version
License: Open Parliament Licence v3.0

Download (370kB)| Preview

Abstract

There are several key technical risks to the UK’s5G and wider mobile network infrastructure. Principally, these cover espionage, sabotage, and blackmail . The Committee should ensure they do not overlook the “sabotage”angle – being able to disable the UK’s mobile networks would have devastating impact on the economy,public safety, and wider society . This discussion needs to be about more than purely 5G networks however –the committee needs to focus on existing 4G networks as well – 4G and 5Gnetworks are deeply intertwined, and for each site, mobile operators need to deploy 5G from the same vendor as they use on that site for4G. This plays into the economic arguments made by operators against a ban on Huawei – there is significant deliberate “vendor lock-in” ,meaning mobile operators did not face a genuine competitive choice between providers – those who had adopted Huawei 4G systems would need to remove and replace those existing 4G systems. Further significant use of Huawei risks further entrenching their equipment,making it even more costly to remove in future . The interdependency between networks also means that the option of switching back to a 4G does not exist should problems arise with the 5G network. Should any capability remain, it is likely to be only a very limited 2G service with practically no data service provision. The Government’s own advice from HCSEC around very limited assurance of Huawei equipment appears to significantly contradict the assurances Government appears to have ,and the Committee should explore this area further as a matter of priority (details enclosed). The UK’s decision could well affect the UK’s geopolitical position.The UK’s soft power on an international stage may be diminished by the decision ,particularly since much of its soft power is derived from a dedication to democracy, human rights, and civil liberties. The UK’s international standing,particularly with the US, could be impacted by as few as 3 or 4 individual senators ,regardless of the quality of relations with the White House.The wider impact of the political sentiment of decisions should therefore be considered. From an international prestige and status perspective, even some minor sabotage (i.e. short-term deliberate outage of a UK mobile network)could make the UK look significantly weakened on an international stage, and harm the country’s reputation as a reliable place to do business. Given the Chinese state’s past behaviour on offensive cyber action, and Huawei’s apparently close links to the Chinese state, there is an elevated potential cyber threat presented. From an international relations and diplomacy perspective, a dependency on another state for critical infrastructure is a weakness which can be exploited by others.