National Cyber Security Centre
Advice for Huawei customers after US gives company a temporary general licence
On Wednesday 15 May 2019, the United States of America’s Commerce Department placed Huawei and 70 affiliates on its “Entity List”, meaning that Huawei’s US suppliers would be unable to provide products and support without US Government approval.
In the short term, the main cyber security impact on Huawei’s existing handset customers would be on the availability of software updates for Android. There are different types of updates for Android which would be affected in different ways.
On Monday 20 May 2019, the US Commerce Department issued a temporary general licence (TGL) restoring Huawei’s ability to maintain some existing products – for consumers, this is restricted to handsets. The TGL is currently set to expire on 19 August 2019.
The NCSC understands that the TGL allows companies to provide support and services to handsets that were available to the public before 16 May 2019. Each company will make its own choice about whether to do so.
What does this mean for Huawei customers?
Customers should continue to update their devices as normal, in line with existing NCSC advice. Our advice will be updated if we become aware of any security concerns.
The NCSC continues to assess the situation and will provide actionable advice for Huawei customers.
For Huawei’s Android consumer products, Google is a main supplier. It has been widely reported that Google restricted its dealings with Huawei in response to the Entity Listing. Google have not yet made an announcement over how the TGL affects their position.
Latest News from
National Cyber Security Centre
Small businesses given support to bounce back from cyber attacks13/06/2019 11:15:00
The NCSC has published guidance for small businesses looking to prepare their response to and plan their recovery from a cyber incident.
HRH The Duke of York hosts cyber experts of the future28/05/2019 14:15:00
The 40 CyberFirst Girls Competition 2019 finalists enjoyed afternoon tea at WIndsor Castle.
Alert: Microsoft SharePoint remote code vulnerability17/05/2019 13:15:00
The NCSC has seen high levels of successful attacks against UK organisations so system owners need to check that actions have been taken against this vulnerability.
Data breach roles outlined at cyber conference26/04/2019 09:15:00
Victims of cyber incidents will benefit from an improved approach to breaches between the UK’s technical authority for cyber threats and its independent authority for data protection.
Global intelligence agencies to share UK stage for first time at CYBERUK24/04/2019 15:15:15
'Five eyes' agencies will share a stage for the first time at CYBERUK 2019 to discuss global cyber attack resilience.
Most hacked passwords revealed as UK cyber survey exposes gaps in online security23/04/2019 14:15:00
The NCSC's first 'UK cyber survey' published alongside global password risk list.
Next-gen start-ups to partner with National Cyber Security Centre15/04/2019 15:20:00
Security experts are calling on cutting-edge tech entrepreneurs to help develop the next generation of cyber security solutions.
GCHQ cyber courses recognised by qualification board09/04/2019 08:20:00
CyberFirst courses recognised by the Scottish Qualifications Authority (SQA)