
Chinese hackers are targeting Android phones with a new piece of malware that attempts to fool people into clicking on a “missed delivery” text — the kind of text that’s no doubt become especially familiar to people during the coronavirus pandemic as they spend more time at home and ordering items for delivery. The text is actually a phishing scam that enables everything from stealing bank details to a user’s contact list. It’s being perpetrated, according to cybersecurity researchers, by a group of hackers operating under the “Roaming Mantis” collective.

Another day, another nasty new piece of Android malware to be aware of — this time, according to cybersecurity researchers at Cybereason, it’s malware that uses a “missed delivery” text to phish its unsuspecting recipients. There has been a spate of these incidents lately, involving everything from sketchy apps found in the Google Play Store to the presence of undeletable, malicious files and apps inside Android phones. After investigating this latest malfeasance, Cybereason’s team found that a Chinese-speaking group of hackers operating under the banner of “Roaming Mantis” is behind this so-called FakeSpy malware campaign.

“FakeSpy has been in the wild since 2017; this latest campaign indicates that it has become more powerful,” the Cybereason team notes. “Code improvements, new capabilities, anti-emulation techniques, and new, global targets all suggest that this malware is well-maintained by its authors and continues to evolve.” According to this research, FakeSpy can exfiltrate and send SMS messages, in addition to stealing financial data, reading account information and contact lists, among other nefarious acts. Users are tricked into clicking a text message informing them of a missed delivery, which steers them to download an Android application package.
This is being used to target Android users all over the world, including in the US, thanks to the malware’s ability to send messages that purport to be from the US Postal Service. “Roaming Mantis” sounds like the name of a villain from a movie, but it’s actually the moniker of a Chinese threat actor group that’s been around for a few years now and has continued to evolve. They used to mostly target Asian countries but have since expanded to strike at victims across the world. What can you do to protect yourself? Cybereason senior director and head of threat research Assaf Dahan told ZDNet that people should be suspicious of SMS messages that contain links. “If they do click on a link,” Dahan said, “they need to check the authenticity of the webpage, look for typos or wrong website name, and most of all — avoid downloading apps from unofficial stores.” These practices can protect you from inadvertently downloading malicious apps, getting phished by clicking on dodgy text message links, and more. For more on this topic visit OUR FORUM often.

Phone signals may cut out for days if networks are forced to remove Huawei equipment, executives from operators informed Members of Parliament. Representatives from Vodafone and BT told the Science and Technology Select Committee they would need at least five years to completely remove the Chinese firm's equipment without causing disruption. The government is currently reviewing a report from the National Cyber Security Centre (NCSC) and the potential security risk Huawei poses by being a part of 5G networks. A government decision in January permitted the Chinese firm limited access, but there is continued pressure to remove Huawei from communication networks entirely, and new US sanctions aimed at the firm's supply chain have sparked a review of the decision. Currently, Government policy permits Huawei to be in up to 35 percent of a 5G network, but as a “high-risk vendor”, it cannot be present in the core parts of a network. When asked about the impact of being told to completely remove Huawei equipment from their networks should Government policy change, both Vodafone and BT warned that it would cost “billions of pounds” and could lead to some customers losing phone signal for several days. “Should the guidance become stricter it will have an effect, it will delay the rollout of our 5G, it will have cost implications and focus our investment in the removal of the existing equipment,” Andrea Dona, Vodafone UK's head of networks, said. “If the current guidelines were to be tightened and further restrictions were to be imposed, we would need to spend in the order of billions to change our current infrastructure.” Dona also said it would be “highly disruptive” for customers if the Government asked the firm to remove Huawei within two years, and any swap would see customers “lose their signal”, in some cases for “a couple of days”. To avoid such a scenario, the Vodafone executive told MPs “a five-year transition plan” would be the minimum required.
Vodafone had made similar warnings last year, saying that the cost of banning Huawei equipment would run into the “hundreds of millions”. BT's chief technology and information officer, Howard Watson, added: “It is logically impossible to get to zero (Huawei presence) in a three-year period. That would literally mean blackouts for customers on 4G and 2G, as well as 5G, throughout the country as we were to build that in. So we would definitely not recommend that we go down that route.” Earlier in the session, Huawei defended its security record and denied that it would be compelled to follow any orders given to it by the Chinese government. Huawei vice president Victor Zhang told MPs that it was independent of any government and it would always follow UK law. Zhang also urged the Government to give Huawei time to understand the implication of US sanctions before choosing to ban the company from digital infrastructure. He called the sanctions “unjustified” and said allegations about security were not true, adding that Huawei believed it could still successfully operate in the UK in the short term. “We have already submitted our initial assessment to our customers and to the NCSC and the initial solution is that in the short term there is Huawei's capability to supply to the UK's 5G and fiber solution, and we have already prepared for the next five years to make sure the UK's existing network will not be impacted by the sanctions,” he said. If you want to learn more, please visit OUR FORUM.

A sizeable percentage of Android users targeted by mobile malware or mobile adware last year suffered a system partition infection, making the malicious files virtually undeletable. That’s according to research from Kaspersky, which found that 14.8 percent of its users who suffered such attacks were left with undeletable files. These range from trojans that can install and run apps without the user’s knowledge, to less threatening, but nevertheless intrusive, advertising apps. “A system partition infection entails a high level of risk for the users of infected devices, as a security solution cannot access the system directories, meaning it cannot remove the malicious files,” the firm explained in a posting on Monday. Moreover, the research found that most devices harbor pre-installed default applications that are also undeletable – the number of those affected varies from 1 to 5 percent of users with low-cost devices and reaches 27 percent in extreme cases.

“Infection can happen via two paths: The threat gains root access on a device and installs adware in the system partition, or the code for displaying ads gets into the firmware of the device before it even ends up in the hands of the consumer,” according to the firm. In the latter scenario, this could lead to potentially undesired and unplanned consequences. For instance, many smartphones have functions providing remote access to the device. If abused, such a feature could lead to a data compromise of a user’s device. Among the most common types of malware that Kaspersky has found installed in the system partition of Android smartphones are two older threats: the Lezok and Triada trojans. “The latter is notable for its ad code embedded not just anywhere, but directly in libandroid_runtime — a key library used by almost all apps on the device,” according to the analysis. However, examining victims’ system apps revealed a wide range of threats.
The Agent trojan, for instance, is obfuscated malware that usually hides in the app that handles the graphical interface of the system, or in the Settings utility, without which the smartphone cannot function properly. The malware delivers its payload, which in turn can download and run arbitrary files on the device.

Then there’s the Sivu trojan, which is a dropper masquerading as an HTMLViewer app. “The malware consists of two modules and can use root permissions on the device,” according to Kaspersky. “The first module displays ads on top of other windows, and in notifications. The second module is a backdoor allowing remote control of the smartphone. Its capabilities include installing, uninstalling, and running apps, which can be used to covertly install both legitimate and malicious apps, depending on the intruder’s goals.”

The Plague adware app is another common threat that Kaspersky found installed in the system partition. It pretends to be a legitimate system service, calling itself Android Services – but in reality, it can download and install apps behind the user’s back, as well as display ads in notifications. “What’s more, Plague.f can display ads in SYSTEM_ALERT_WINDOW — a pop-up window that sits on top of all apps,” explained the researchers.

The Necro.d trojan is unusual because it’s a native library located in the system directory. Its launch mechanism is built into another system library, libandroid_servers.so, which handles the operation of Android services. “At the command of the command-and-control (C2), Necro.d can download, install, uninstall and run apps,” explained the researchers. “In addition, the developers decided to leave themselves a backdoor for executing arbitrary shell commands. On top of that, Necro.d can download the Kingroot superuser-rights utility — seemingly so that the OS security system does not interfere with delivering ‘very important’ content for the user.” Further details can be found on OUR FORUM.
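The Kaspersky findings above turn on one fact: an app whose APK sits on a read-only partition (/system, /vendor, /product and the like) cannot be uninstalled through Settings or by a security app, so the first triage step on a suspect device is simply to list which packages live there. The script below is an added example, not code from Kaspersky or from this post. It parses the output of `adb shell pm list packages -f` (each line is `package:<apk path>=<package name>`), marks every package on a read-only partition, and returns the ones that do not carry a vendor prefix the reviewer has chosen to trust. The sample listing, the package names and the trusted-prefix list are all constructed for illustration.

```python
"""Triage helper for system-partition apps on an Android device.

Added example, not part of the Kaspersky research or this post. Input is the
text produced by `adb shell pm list packages -f`; the sample below is
constructed and the package names in it are not real findings.
"""
from typing import Dict, List

# Partitions that are mounted read-only on a non-rooted device. An app whose
# APK lives here cannot be removed by the user or by a security app; only a
# firmware update (or root) can touch it. Assumes the stock partition layout.
READ_ONLY_PARTITIONS = ("/system/", "/vendor/", "/product/", "/system_ext/", "/odm/", "/oem/")

# Constructed sample output of `pm list packages -f`. The /data/app entry shows
# the "~~...==" directory names a real device emits, which contain '=' and so
# must not be split on the first '=' sign.
SAMPLE_PM_OUTPUT = """\
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/system/app/HTMLViewer/HTMLViewer.apk=com.android.htmlviewer
package:/product/app/ExampleAds/ExampleAds.apk=com.example.androidservices
package:/data/app/~~AbC123==/com.example.bank-XyZ==/base.apk=com.example.bank
package:/vendor/app/VendorTool/VendorTool.apk=com.vendor.tool
"""


def parse_pm_list(text: str) -> Dict[str, str]:
    """Map package name -> APK path from `pm list packages -f` output.

    Lines that do not start with 'package:' (adb banners, blank lines) are
    ignored. The split is done on the LAST '=' because APK paths under
    /data/app may themselves contain '=' characters.
    """
    packages: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("package:"):
            continue
        body = line[len("package:"):]
        if "=" not in body:
            continue
        path, name = body.rsplit("=", 1)
        packages[name] = path
    return packages


def is_read_only_partition(apk_path: str) -> bool:
    """True if the APK is on a partition a security app cannot modify."""
    return apk_path.startswith(READ_ONLY_PARTITIONS)


def flag_undeletable(
    packages: Dict[str, str],
    trusted_prefixes: tuple = ("com.android.", "com.google."),
) -> List[Dict[str, str]]:
    """Return system-partition packages that lack a trusted vendor prefix.

    `trusted_prefixes` is an assumption chosen by the reviewer, not a rule from
    the article; it only lowers the pile to look at first. Anything returned
    here is undeletable without a firmware update, so it deserves a look at
    its signing certificate and behaviour rather than an attempt to uninstall.
    """
    flagged: List[Dict[str, str]] = []
    for name, path in packages.items():
        if not is_read_only_partition(path):
            continue
        if name.startswith(trusted_prefixes):
            continue
        flagged.append({"package": name, "path": path})
    return flagged


if __name__ == "__main__":
    found = parse_pm_list(SAMPLE_PM_OUTPUT)
    for entry in flag_undeletable(found):
        print(f"undeletable, review first: {entry['package']} ({entry['path']})")
```

The prefix allowlist is deliberately only a first pass: the article notes that Sivu hides behind an HTMLViewer app and Plague calls itself "Android Services", so a plausible-looking name or prefix is not evidence of legitimacy, and the packages that do pass the filter still warrant a check of their signing certificate against the vendor's. Native-library infections such as Necro.d in libandroid_servers.so or Triada's code in libandroid_runtime do not appear in a package listing at all; comparing library hashes against a clean firmware image is the corresponding check for those.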