Consumer Electronics Daily was a Warren News publication.
Carr Pleased

FCC Considers Blocking Devices From Chinese Gearmakers

April 27, 2021 by Howard Buskirk|Top News

The FCC remains focused on ensuring that 5G and other networks are secure, acting Chairwoman Jessica Rosenworcel said Monday at a virtual workshop on supply chain security, held in conjunction with the Office of the Director of National Intelligence. Rosenworcel said the FCC is exploring whether untrusted vendors should be excluded from the FCC equipment authorization program. Commissioners Brendan Carr and Nathan Simington urged more focus on device security.

When it comes to network security, the threats are real, the stakes are high, and our defenses need to constantly evolve and improve,” Rosenworcel said. Just saying no isn’t a strategy, “so we’re moving fast,” she said.

Carr was “very pleased” that Rosenworcel mentioned barring devices from covered list companies from being certified by labs under FCC rules. “I look forward to continuing to work with her and my colleagues at the FCC to move that forward,” he said: “We can’t move too fast … given the threats.” Carr previously urged blocking gear from Chinese vendors from being certified by the FCC (see 2103300071). Such companies didn’t comment. An FCC spokesperson said then that Rosenworcel was already looking at equipment authorization.

Revisit this process to explore how it can be used to encourage device manufacturers to build security into new products,” Simington said. The FCC could build on the National Institute of Standards and Technology’s draft recommendations for making IoT devices more secure, he said. “We cannot forget connected consumer and industrial IoT devices and the physical layer security improvements that the commission is uniquely poised to address.”

We’ve reached a point where we are never that far removed from new reports of a security breach,” Rosenworcel said. Most recently, there were reports from the Netherlands that a decade ago, KPN, one of the country’s largest wireless providers, looked at using Huawei, she said. “Huawei denied any wrongdoing, but KPN was the first European operator to reverse course and exclude the company from its core 5G network.”

The FCC is “putting the finishing touches” on a program to replace untrusted equipment in wireless networks, Rosenworcel said. It's also coordinating with other federal agencies and nations, she said. The FCC is “broadening” its approach to look at services as well as equipment, she said.

Commissioner Geoffrey Starks said that trends including the "disappearance of American telecom hardware from the sector and the growing role of Chinese vendors have compelled the FCC to embrace its role.” Starks said use of ORAN technology as smaller providers replace Chinese equipment would mean more transparent networks, but those providers have questions and can’t afford to experiment. The smallest providers face the biggest risks, Starks said. He also emphasized the importance of device security.

Other federal officials said supply chain security is a focus of the broader Joe Biden administration, as it was under former President Donald Trump.

Cyberattacks on our nation’s networks are growing more sophisticated, frequent and aggressive,” said Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency. “Today, cyber actors are relentlessly exploiting vulnerabilities and developing new techniques to target all tiers of the … supply chain.” The SolarWinds attack (see 2103190014) was “a case study in the criticality of protecting the supply chain” and a “wake-up call,” he said. The attack was “highly sophisticated” and “used novel techniques and advanced trade craft and remained undetected for an extended period.”

Government has safety standards for food and appliances, said Joyce Corell, assistant director of the Supply Chain and Cyber Directorate at the National Counterintelligence and Security Center. “Do we need to have safety standards in other industries?”