Nokia Slams Huawei For ‘Serious’ Security Flaws – Updated

One of the main beneficiaries of Huawei’s blacklisting by the American government has slammed the Chinese networking giant.

Nokia hit out at unfair Chinese business practices in the past, and warned against what it claims are “serious” vulnerabilities found in Huawei’s equipment.

This is the first time that one of main opponents of Huawei has publicly made such critical comments. Both Nokia and Ericsson stand to benefit the most from Huawei’s troubles, and the Chinese firm has firmly rejected Nokia claims, and said its comments were misleading.

Security risk?

Nokia said that the UK should be wary of using Huawei equipment, as vulnerabilities in its telecom equipment meant it posed a risk to 5G networks.

Nokia’s chief technology officer Marcus Weldon told the BBC that the pressure from the US was serving as a counterbalance to unfair financial advantages that Huawei had enjoyed in the past (allegedly state subsidies, soft loans and access to large procurement projects in China).

“It’s fairness returning to the market,” Weldon told the BBC. “We were disadvantaged in the past relative to the practices that the Chinese were allowed to have in terms of funding mechanisms.”

Weldon also went on the attack over the issue of security, and said that Nokia’s equipment was “a safer bet”” for mobile operators.

Weldon reportedly pointed to a new report from US security firm Finite State, which detailed vulnerabilities in Huawei enterprise networking equipment.

“In virtually all categories we studied,” the report said, “we found Huawei devices to be less secure.”

Others have also been less than complementary about Huawei’s security.

In April the technical director of the National Cyber Security Centre (NCSC) in the UK criticised Huawei’s “very, very shoddy” security engineering and said this “poor engineering” could lead to the gear being banned from Westminster and other sensitive areas.

And in March British security officials slammed the security defects in Huawei equipment, although they maintained that risks posed by the company could be managed and that they have found no evidence of malicious action on Huawei’s part.

Last year the Huawei Cyber Security Evaluation Centre (HCSEC), which works with the NCSC to oversee Huawei products destined for use in the UK, called attention to “major defects” in the quality of Huawei’s security and software engineering and “concerning issues in Huawei’s approach to software development”.

“We read those reports and we think OK, we’re doing a much better job than they are,” Weldon told the BBC. He admitted that Nokia’s equipment was not subject to the same checks in the UK as Huawei, but insisted that it did face scrutiny around the world.

And Weldon said that Huawei’s failings were serious.

“Some of it seems to be just sloppiness, honestly, that they haven’t patched things, they haven’t upgraded,” he reportedly said. “But some of it is real obfuscation, where they make it look like they have the secure version when they don’t.”

Huawei Statement

Huawei meanwhile has denied that its equipment poses a security risk.

“These comments are misleading,” a spokesman was quoted as saying by the BBC.

“We believe secure, resilient networks can only be delivered by collaboration across the whole industry, working to common standards on privacy protection and cyber-security, so that all participants can be judged equally,” the spokesman reportedly said.

“We have a proven track record of delivering secure, trustworthy and high quality products to every major telecoms operator in Europe,” the spokesman added. “Cyber-security remains Huawei’s top priority and here, in the UK, we are subject to the most rigorous oversight compared to any competitors in our sector.”

Update: Nokia has since declared that the comments from Marcus Weldon do not reflect Nokia’s official position on the matter.

And Huawei UK got in touch with Silicon UK to insist that it wins customers by fair competition.

“Nokia’s statement that one executive’s comments on Huawei do not reflect their official position is recognition that ill-informed loose talk does not help our customers or the industry more widely,” Jerry Wang, CEO Huawei UK told Silicon UK in a statement.

“We win new business by fair competition and on the basis of our technology and customer focus, not by denigrating our competitors,” said Wang.

“Huawei is the world leader in 5G because our technology is the most advanced, as our market position confirms, we’ve already won 50 5G contracts globally, well ahead of the competition,” Wang added. “The best way to improve cyber security and ensure network resilience is for all vendors to agree to independent testing of their equipment and source code – just as we have done in the UK.”

Do you know all about security? Try our quiz!