The head of the GCHQ has issued a new warning about the potential threat to Britain’s national security of allowing Chinese tech firms to become involved in Britain telecoms network.
In a rare public speech, Jeremy Fleming will say the drive by Chinese companies to become involved in the Western telecoms sector represents “a hugely complex technological challenge”.
In a wide-ranging address, he will emphasise the importance of the UK possessing the offensive capability to “project” cyber power to “deny, disrupt or degrade” in the event of hostile action.
His comments come after MI6 chief Alex Younger last year expressed concern about the potential involvement of the Chinese tech giant Huawei in the UK’s 5G mobile network.
In his address to government, military and industry figures from across South East Asia, Mr Fleming will say no decisions have been taken on 5G, with a Government review due to report in the spring.
However he will say it is essential the potential risks of allowing Chinese firms to become involved need to be properly understood.
He will say: “We have to understand the opportunities and threats from China’s technological offer.
“Understand the global nature of supply chains and service provision irrespective of the flag of the supplier.
“Take a clear view on the implications of China’s technological acquisition strategy in the West.
“And help our Governments decide which parts of this expansion can be embraced, which need risk management, and which will always need a sovereign, or allied, solution.
“It’s a hugely complex strategic challenge which will span the next few decades….probably our whole professional lives.
“How we deal with it will be crucial for prosperity and security way beyond 5G contracts.”
He will stress the need for stronger cyber security across the telecoms sector in a market which does not incentivise good cyber security practices.
“Vulnerabilities can and will be exploited. But networks should be designed in a way that cauterises the damage,” he will say.
With around half the 1,100 incidents handled by the UK National Cyber Security Centre (NCSC) over the last two years involving state actors, Mr Fleming will say there is a need for an internationally agreed system of ethics and standards for operating in cyberspace.
“Some of the behaviour we’ve seen from certain states or criminals is clearly wrong in any circumstance.
“An attack on a hospital’s IT, or on a country’s electoral system will always require sanction,” he will say.
“Unchecked, we’re heading for an even less governed space where rights and wrongs are not automatically recognised and where acceptable behaviours are not a given.”
At the same time he will say the UK needs to ensure programmes such as the NCSC’s Active Cyber Defence programme are implemented at a scale that makes “a truly, nationally, and potentially internationally, transformative difference”.
“The ability, in extremis, to be able to use cyber tools to disrupt, deny or degrade is the most contentious and least well understood aspect of cyber power,” he will say.
“But in the right context, governed by appropriate international and domestic laws, offensive cyber is an essential part of a nation’s cyber tool kit.”
Ultimately, he will say that Britain continuing national security in cyberspace will depend on its ability to act in concert with international allies.
“Our future security will be guaranteed not by the quality of our coding, the design of our silicon, or the cunning of our cyber operators – but by the bonds that tie us together and the relationships that give us confidence to act decisively against common threats,” he will say.