Hostile State Takeover Tops Europe’s List of 5G Worries

(Bloomberg) -- The European Union has warned against a nightmare scenario whereby hackers or hostile states assume control of everything from electricity grids to police communications and even home appliances, in a report assessing the security risks stemming from the roll out of 5G technology.

The review, first reported by Bloomberg News on Tuesday and officially published Wednesday, doesn’t name China or Huawei, it paves the way for regulatory measures such as restricting an over reliance on telecom equipment from a single supplier, especially if the latter is based in a country with poor democratic standards.

“Hostile third countries may exercise pressure on 5G suppliers in order to facilitate cyberattacks serving their national interests,” the EU said in its 24-pages report to be published on Wednesday. Suppliers may be subjected to pressure because of their ownership, their home country’s legislation and states, experts at the EU wrote.

The document, originally coded “amber” for a restricted circulation, points to non-democratic countries that could exert pressure and poses a risk of spying. It warned in its conclusions that the new technology will “increase the number of attacks paths that could be exploited by threat actors, in particular non-EU states or state-backed actors, because of their capabilities (intent and resources) to perform attacks against EU Member States telecommunications networks.”

“5G is going to be the backbone, the digital plummming, of our societies and economies,” said Security Union Commissioner Julian King to reporters. “It’s going to carry very sensitive information.”

While the U.S. has in the past briefed EU member states on its opinion regarding 5G-related security, the current risk assessment was done only by the member states without any third-party involvement, said Minna Kivimäki, deputy-permanent representative of Finland to the EU.

The EU is calling on its members states to revise their security systems ahead of the deployment of the 5G technology citing risks ranging from state-backed espionage, to sabotage through malware by criminal groups and denial of services that would block end users appliances. It also warned countries and operators of the risks of relying on a sole supplier to build their infrastructure of the risks, without citing countries like Italy who have already signed deals with Huawei.

The European Commission, the bloc’s executive branch, will unveil its assessment of 5G security risks Wednesday, as Washington continues to pressure allies to reject Huawei from its future networks. U.S. officials have threatened to cut off intelligence with countries that don’t, while not ruling out other potential penalties.

“EU-based operators who become overly dependent on a single equipment supplier are exposed to a number of risks caused by that supplier coming under sustained commercial pressure, whether due to commercial failure, being subject to a merger or acquisition, or being placed under sanctions,” according to the report.

The assessment is set to serve the basis for European-wide measures in the area, including possibly designating vendors like Huawei as “non-secure.” It was written following contributions sent send by all members states, including Germany and France.

The Commission sought to explore the full range of risks ranging from vital industries capacity to function to “democratic processes, such as elections” that will eventually rely on the 5G system to work.

While any decision to ban Huawei would ultimately rest with the capitals -- and no European country has yet decided to fully ban the company from its networks -- the EU-wide approach could make it more difficult for Beijing to retaliate against any individual European country that takes too hard a line against Huawei.

U.S. and European officials have raised concerns about partnering with Chinese equipment makers like Huawei following a 2017 Chinese law that mandates any organization and citizen to support and assist national intelligence in their investigations.

--With assistance from Natalia Drozdiak and Stefan Nicola.

To contact the reporters on this story: Nikos Chrysoloras in Brussels at nchrysoloras@bloomberg.net;Helene Fouquet in Paris at hfouquet1@bloomberg.net

To contact the editors responsible for this story: Giles Turner at gturner35@bloomberg.net, Andrew Martin

©2019 Bloomberg L.P.