SUMMARY
This is AI generated summarization, which may have errors. For context, always refer to the full article.
EDITOR’S NOTE: A previous version of this article failed to clarify that the information on specific network providers were not included in the position paper from UP ICT experts. Rappler got those information separate from unimpeachable sources. This has been corrected.
Information and communications technology experts from various campuses of the University of the Philippines have urged the UP administration to exercise caution in choosing a new provider in the planned system-wide upgrade of its network infrastructure.
In a position paper submitted to the university administration, members of the UP System Information and Communications Technology Committee (UP System-ICT Committee) held the collective position that it “must maintain the use of specifications that are based on the network equipment and devices currently installed, running, and maintained in the UP System and in the CUs (constituent universities).”
While the position paper did not make reference to any provider, sources privy to the negotiations told Rappler there had been active efforts from Huawei to convince UP decision makers to get its services. The current UP network infrastructure was established and has been maintained by Cisco.
What the position paper says
In the position paper, a copy of which was obtained by Rappler, UP System-ICT Committee members acknowledged any potential vulnerability of UP’s network infrastructures, saying that “through our network infrastructures and with access to our gateway routers, cyber actors can monitor, modify, and deny traffic to and from the UP networks.”
They added, “We are also aware that cyber actors with access to our internal routing and switching infrastructures can monitor, modify, and deny traffic to and from key hosts inside the UP networks and that through this same access, cyber actors can perform harmful operations and do actions that could steal, delete, and alter our academic, administrative, and research data.”
That being said, the collective position of the signatories was to maintain the use of specifications based on the network equipment and devices they currently have in the UP System and in its CUs.
The signatories argued introducing a new player could only trigger problems in the UP infrastructure network because of what they considered “unnecessary risks” arising from “untested and unfamiliar devices.”
The paper explained one reason was, “To ensure 100% compatibility with our existing network devices (transceivers, network controllers), including back-up devices and modules, in which the University has heavily invested in over several years. Introducing untested and unfamiliar devices has a high level of risk on the reliability of the network infrastructure.”
They also cited the necessity to keep the technical knowledge and skills obtained by the UP IT personnel, and that introducing a new tech provider does not necessarily mean UP could use the knowledge and skills of its IT personnel.
They added that making sudden changes may introduce issues with regard to compliance with “existing partnership agreements with international partners, such as the National Institutes of Health (NIH) of the United States of America.”
UP Manila currently has a partnership agreement with the US NIH, and maintaining compliance would entail keeping the use of equipment that wouldn’t potentially compromise the integrity and security of its existing infrastructure and systems.
The NIH Grants Policy Statement prohibits grant recipients and subrecipients from obligating or expending loan or grant funds to either procure or obtain; extend or renew a contract to procure or obtain; or enter into a contract to procure or obtain equipment, services, or systems from a set list of providers.
These include Huawei Technologies Company and ZTE Corporation for telecommunications equipment and Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, and Dahua Technology Company in relation to video surveillance and telecommunications equipment.
Additionally, the signatories said UP’s current security setup “is already very stable, and introducing major changes in the network infrastructures will definitely open the University to unnecessary cybersecurity risks.”
The statement comes against the current background of aggressive cyber attacks targeting academic as well as government institutions such as De La Salle University, PhilHealth, the Philippine Statistics Authority, and the Department of Science and Technology.
Chinese telecommunications equipment providers including Huawei and ZTE remain in the scope of the US as a potential security threat, with other western countries such as Britain, France, and Sweden also placing limits and bans as far as network equipment for their domestic telecommunications companies are concerned.
With regards to Huawei, China’s state-owned media outlet CGTN, quoting Chinese Foreign Ministry spokesperson Wang Wenbin in June, denounced the claims in EU circles, saying the European Commission “cannot provide any evidence. This is a typical case of presumption of guilt.” – Rappler.com
Add a comment
How does this make you feel?
There are no comments yet. Add your comment to start the conversation.