Huawei's ability to eavesdrop on Dutch mobile users is a wake-up call for the telecoms industry

Paul, Greig (2021) Huawei's ability to eavesdrop on Dutch mobile users is a wake-up call for the telecoms industry. The Conversation. (https://theconversation.com/huaweis-ability-to-eav...)

[thumbnail of Paul-TheConversation-2021-Huaweis-ability-to-eavesdrop-on-Dutch-mobile-users-is-a-wake-up-call]
Preview
 Text. Filename: Paul_TheConversation_2021_Huaweis_ability_to_eavesdrop_on_Dutch_mobile_users_is_a_wake_up_call.pdf
Final Published Version
License: Creative Commons Attribution-NoDerivatives 4.0 logo
Download (1MB)| Preview

Abstract

Chinese technology provider Huawei was recently accused of being able to monitor all calls made using Dutch mobile operator KPN. The revelations are from a secret 2010 report made by consultancy firm Capgemini, which KPN commissioned to evaluate the risks of working with Huawei infrastructure. While the full report on the issue has not been made public, journalists reporting on the story have outlined specific concerns that Huawei personnel in the Netherlands and China had access to security-essential parts of KPN’s network – including the call data of millions of Dutch citizens – and that a lack of records meant KPN couldn’t establish how often this happened. Both KPN and Huawei have denied any impropriety, though in the years since the 2010 report, Huawei has increasingly found itself labelled a high-risk vendor for telecoms companies to work with, including by the UK’s National Cyber Security Centre. To better understand this story, and to consider whether other telecoms networks may have had similar security vulnerabilities to KPN’s, we need to look at how complex mobile networks are run. KPN essentially granted Huawei “administrator rights” to its mobile network by outsourcing work to the Chinese firm. Legislation is only now catching up to prevent similar vulnerabilities in telecoms security.

CORE (COnnecting REpositories)