The AchieVer Posted March 8, 2019 Share Posted March 8, 2019 Germany planning 'trustworthy' supplier requirement for all networks and 5G A draft of updated security requirements is set to appear in Northern Hemisphere's spring. Germany's Federal Network Agency, the Bundesnetzagentur (BNetzA), published on Thursday a set of planned additional security requirements for telco networks within the country, which are due to appear in draft form during the Northern Hemisphere's spring. The BNetzA pointed out that the requirements will apply to all networks, not just 5G. "Systems may only be sourced from trustworthy suppliers whose compliance with national security regulations and provisions for the secrecy of telecommunications and for data protection is assured," the first requirement BNetzA states. "Network traffic must be regularly and constantly monitored for any abnormality and, if there is any cause for concern, appropriate protection measures must be taken." Further, components may only be used if they are certified by the Federal Office for Information Security and have undergone approved, regular testing. "Proof must be provided that the hardware tested for the selected, security-related components and the source code at the end of the supply chain are actually deployed in the products used," BNetzA said. The planned requirements will force German telcos to avoid using a single vendor, and only "trained professionals" will be allowed to work in security-related areas. In situations where telcos outsource this type of work, "professionally competent, reliable, and trustworthy contractors" must be used. "We revise the security requirements on a regular basis in light of the current security situation and technological developments," Bundesnetzagentur president Jochen Homann said. "Security requirements apply to all network operators and service providers, irrespective of the technology they deploy. All networks, not just individual standards like 5G, are included." The German publication comes as Huawei announced yesterday it had filed to sue the US government. Huawei rotating chair Guo Ping said in Shenzhen on Thursday that the company was seeking a declaratory judgement that the National Defense Authorization Act, which forbids US government entities from using Huawei or ZTE equipment, as unconstitutional, as well as seeking a permanent injunction against the restrictions. "The US government has long branded Huawei a threat. It has hacked our servers and stolen our emails and source code," Guo Ping said. "Despite this, the US government has never provided any evidence supporting their accusations that Huawei poses a cybersecurity threat. "Still, the US government is sparing no effort to smear the company and mislead the public about Huawei. Even worse, the US government is trying to block us from the 5G markets in other countries." At the end of last year, reports said the Five Eyes alliance containing the US, the UK, Australia, Canada, and New Zealand, was passing classified information on Chinese foreign interference to countries such as Germany and Japan. In December, the Czech Republic's National Cyber and Information Security Agency issued a warning against equipment Huawei and ZTE. "China's laws, among other things, require private companies residing in China to cooperate with intelligence services, therefore introducing them into the key state systems might present a threat," says the director of NCISA Dusan Navrátil. Navrátil also warned that China "actively pursues its interests in the territory of the Czech Republic, including influence and espionage intelligence activities". Earlier this week, former Australian Prime Minister Malcolm Turnbull said the ban Australia placed on Huawei was not done at the behest of another nation or for protectionist reasons, but because it defended Australia's sovereigntyand as a "hedge against changing times". "It is important to remember that a threat is the combination of capability and intent," he said. "Capability can take years, decades to develop. And in many cases won't be attainable at all. But intent can change in a heartbeat." Turnbull bemoaned that the Five Eyes members did not have a company capable of competing in 5G. "In many discussions with my western counterparts, I raised the concern that we, and in particular the Five Eyes, had got to the point where there were now essentially four leading vendors of 5G systems -- two Chinese, Huawei and ZTE, and two European, Ericsson and Nokia," Turnbull said. "With the benefit of hindsight it beggars belief that the countries which pioneered wireless technology -- the United States, the UK, Germany, Japan and with WiFi, Australia -- have got to the point where none of them are able to present one of their own telcos [as] a national, or a Five Eyes, champion in 5G." Source Link to comment Share on other sites More sharing options...
Germany's Federal Network Agency, the Bundesnetzagentur (BNetzA), published on Thursday a set of planned additional security requirements for telco networks within the country, which are due to appear in draft form during the Northern Hemisphere's spring. The BNetzA pointed out that the requirements will apply to all networks, not just 5G. "Systems may only be sourced from trustworthy suppliers whose compliance with national security regulations and provisions for the secrecy of telecommunications and for data protection is assured," the first requirement BNetzA states. "Network traffic must be regularly and constantly monitored for any abnormality and, if there is any cause for concern, appropriate protection measures must be taken." Further, components may only be used if they are certified by the Federal Office for Information Security and have undergone approved, regular testing. "Proof must be provided that the hardware tested for the selected, security-related components and the source code at the end of the supply chain are actually deployed in the products used," BNetzA said. The planned requirements will force German telcos to avoid using a single vendor, and only "trained professionals" will be allowed to work in security-related areas. In situations where telcos outsource this type of work, "professionally competent, reliable, and trustworthy contractors" must be used. "We revise the security requirements on a regular basis in light of the current security situation and technological developments," Bundesnetzagentur president Jochen Homann said. "Security requirements apply to all network operators and service providers, irrespective of the technology they deploy. All networks, not just individual standards like 5G, are included." The German publication comes as Huawei announced yesterday it had filed to sue the US government. Huawei rotating chair Guo Ping said in Shenzhen on Thursday that the company was seeking a declaratory judgement that the National Defense Authorization Act, which forbids US government entities from using Huawei or ZTE equipment, as unconstitutional, as well as seeking a permanent injunction against the restrictions. "The US government has long branded Huawei a threat. It has hacked our servers and stolen our emails and source code," Guo Ping said. "Despite this, the US government has never provided any evidence supporting their accusations that Huawei poses a cybersecurity threat. "Still, the US government is sparing no effort to smear the company and mislead the public about Huawei. Even worse, the US government is trying to block us from the 5G markets in other countries." At the end of last year, reports said the Five Eyes alliance containing the US, the UK, Australia, Canada, and New Zealand, was passing classified information on Chinese foreign interference to countries such as Germany and Japan. In December, the Czech Republic's National Cyber and Information Security Agency issued a warning against equipment Huawei and ZTE. "China's laws, among other things, require private companies residing in China to cooperate with intelligence services, therefore introducing them into the key state systems might present a threat," says the director of NCISA Dusan Navrátil. Navrátil also warned that China "actively pursues its interests in the territory of the Czech Republic, including influence and espionage intelligence activities". Earlier this week, former Australian Prime Minister Malcolm Turnbull said the ban Australia placed on Huawei was not done at the behest of another nation or for protectionist reasons, but because it defended Australia's sovereigntyand as a "hedge against changing times". "It is important to remember that a threat is the combination of capability and intent," he said. "Capability can take years, decades to develop. And in many cases won't be attainable at all. But intent can change in a heartbeat." Turnbull bemoaned that the Five Eyes members did not have a company capable of competing in 5G. "In many discussions with my western counterparts, I raised the concern that we, and in particular the Five Eyes, had got to the point where there were now essentially four leading vendors of 5G systems -- two Chinese, Huawei and ZTE, and two European, Ericsson and Nokia," Turnbull said. "With the benefit of hindsight it beggars belief that the countries which pioneered wireless technology -- the United States, the UK, Germany, Japan and with WiFi, Australia -- have got to the point where none of them are able to present one of their own telcos [as] a national, or a Five Eyes, champion in 5G." Source
Recommended Posts
Archived
This topic is now archived and is closed to further replies.