Spain may veto companies affiliated with third-country governments over 5G

Date:

The government will be able to remove from the critical part of the Spanish 5G network any device or computer program that comes from companies that pose a risk of “external interference”. That is, they or their supply chains have “connections with third-country governments” that they may be subject to “third-party pressure”, that they are not part of international cooperation agreements on cybercrime, or that they do not respect Spanish data protection laws.

These measures are included in the Royal Decree-Law “On Guaranteeing the Security of Fifth Generation Electronic Communications Networks and Services”, approved by the Council of Ministers as part of the “National Response Plan” for the War in Ukraine and published in K. BOE this Wednesday. The rule does not name a specific company or Russia. Nor does China accuse the US of using Huawei 5G equipment as a spying tool. The U.S. government has not yet offered proof of this, and the Chinese company denies it.

Pedro Sanchez approved a special law to protect the 5G network in the coronavirus recovery plan, but the executive decided to speed up its entry into force “due to the significant increase in the risk of cyber attacks for geostrategic reasons”. Official sources explain .. Following the Russian invasion of Ukraine, Spain has raised the level of cyber alerts from second to third (on a five-point scale) and called on officials and diplomats to increase their focus on cyber security in their environment.

The War Response Strategy approved by the Council of Ministers also includes a new “National Cyber ​​Security Plan” to improve the defense of small and medium-sized enterprises by 150 measures, to establish mechanisms for warning and responding to cyber attacks on local administrations, or to promote a “higher level of cyber security”. . He was rewarded with 1000 million euros. The content of the plan has not yet been announced and the Ministry of Economy and the Ministry of Economy and Digital Transformation did not provide further details when asked by todaytimeslive.com.

The plan also mentions the need to establish a General Administration Administration Cyber ​​Security Operations Center, a body first announced by Sanchez in 2018, which was re-launched in May 2021 due to an avalanche of cyber attacks carried out by them. Public institutions and this is now re-emerging in the government’s emergency plan.

At the moment, the only cybersecurity measure that has reached the BOE is the new 5G regulations. In them, the executive has offered protection based on reporting different levels of risk that may result from certain providers of this telecommunications technology.

To veto certain companies’s products from the critical part of 5G networks – those who control the network’s core, its control systems or even the entire network in specific geographical areas – the Council of Ministers must declare it a “high risk supplier”. Preliminary hearing for TV operators who may be affected by this decision as well as the company itself.

Royal Decree-Law sets a three-month deadline from this Wednesday for the government to first classify a supplier as “high risk” and freeze its presence in 5G infrastructure. The minimum period by which the standard allows operators to completely remove prohibited provider devices from their networks is one year. The UK started the same process in 2022 to completely exclude Huawei products from its infrastructure.

The “high-risk provider” may also not have any presence in nuclear power plant networks or “national defense centers” as well as in other areas that are particularly relevant to national security or the maintenance of basic services. Or sectors.Strategic. The full list of banned places is compiled by the National Security Council and its contents will be classified material.

The Royal Decree-Law also contains a new package of security regulations that TV operators must apply. “They are completely new and limited to 5G technology,” the sources of the Secretary of State for Telecommunications explained to this media.

One of the most awesome is the need to create a registry that includes everyone who opens a 5G box, be it physical or digital. Operators must “select and identify” professionals who can handle “all the assets that make up a telecommunications network, everything that creates and ensures the operation of a network, not just equipment, base stations, switches, etc., but also systems and applications (software).” Provision) ”, read more official sources.

The new law also emphasizes the need for telecom operators to develop a “supply chain diversification strategy” to avoid their systems being dependent on a single supplier, a plan that they must periodically update and submit to the Ministry of Foreign Affairs. Economic. They must also undergo an external cyber security audit.

Source: El Diario

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Subscribe

Popular

More like this
Related