Nikos Chrysoloras and Helene Fouquet (Bloomberg) -- The European Union will warn against a nightmare scenario whereby hackers or hostile states assume control of everything from electricity grids to police communications and even home appliances, in a report assessing the security risks stemming from the rollout of 5G technology.
While the report, seen by Bloomberg News and due to be published Wednesday, doesn’t name China or Huawei, it paves the way for regulatory measures such as restricting an over reliance of telecom equipment from a single supplier, especially if the latter is based in a country with poor democratic standards.
“Hostile third countries may exercise pressure on 5G suppliers in order to facilitate cyberattacks serving their national interests,” the EU said in its 24-page report to be published on Wednesday. Suppliers may be subjected to pressure because of their ownership, their home country’s legislation and states, experts at the EU wrote.
The document, which is coded “amber” for a restricted circulation, points to non-democratic countries that could exert pressure and poses a risk of spying. It warned in its conclusions that the new technology will “increase the number of attacks paths that could be exploited by threat actors, in particular non-EU states or state-backed actors, because of their capabilities (intent and resources) to perform attacks against EU Member States telecommunications networks.”
The EU is calling on its member states to revise their security systems ahead of the deployment of the 5G technology citing risks ranging from state-backed espionage, to sabotage through malware by criminal groups and denial of services that would block end users appliances. It also warned countries and operators of the risks of relying on a sole supplier to build their infrastructure of the risks, without citing countries like Italy who have already signed deals with Huawei.
The European Commission, the bloc’s executive branch, will unveil its assessment of 5G security risks Wednesday, as Washington continues to pressure allies to reject Huawei from its future networks. U.S. officials have threatened to cut off intelligence with countries that don’t, while not ruling out other potential penalties.
“EU-based operators who become overly dependent on a single equipment supplier are exposed to a number of risks caused by that supplier coming under sustained commercial pressure, whether due to commercial failure, being subject to a merger or acquisition, or being placed under sanctions,” according to the report.
The assessment is set to serve the basis for European-wide measures in the area, including possibly designating vendors like Huawei as “non-secure.” It was written following contributions sent send by all members states, including Germany and France.
The Commission sought to explore the full range of risks ranging from vital industries capacity to function to “democratic processes, such as elections” that will eventually rely on the 5G system to work.
While any decision to ban Huawei would ultimately rest with the capitals -- and no European country has yet decided to fully ban the company from its networks -- the EU-wide approach could make it more difficult for Beijing to retaliate against any individual European country that takes too hard a line against Huawei.
U.S. and European officials have raised concerns about partnering with Chinese equipment makers like Huawei following a 2017 Chinese law that mandates any organization and citizen to support and assist national intelligence in their investigations.