ZTE has launched a cybersecurity testing lab in Brussels in an attempt to improve transparency.
The firm’s new Cybersecurity Lab Europe is designed to alleviate lawmakers’ concerns over the security of its 5G equipment.
The lab, which joins similar facilities in Nanjing and Rome, will allow regulators to review source code and documents, and conduct black box and penetration testing.
“ZTE’s original intention of the Cybersecurity Lab Europe is to provide global customers, regulators and other stakeholders with great transparency by means of verification and communication,” said ZTE chief security officer, Zhong Hong. "The security for the ICT industry cannot be guarded by one sole vendor, or by one sole telecoms operator. ZTE is willing to play an important role in contributing to the industry's security along with its customers and all other stakeholders.”
The move can be seen in the context of escalating Sino-US tension over the potential for Chinese tech firms to introduce backdoors to new 5G networks, which could be seen as a national security risk.
Although ZTE and larger Shenzhen rival Huawei have both professed their innocence, US hawks warn that they would be powerless to resist an order from Beijing to provide access to such networks if one was issued.
While the US and Australia have banned Chinese companies from bidding for 5G network projects, the UK has still formally to choose a provider and many European countries are more willing to use Chinese equipment to build 5G.
However, ZTE has something of a chequered past, having been found guilty of breaching a US embargo on Iran by selling equipment to the Islamic Republic containing US components, and then lying to try and cover its tracks.
After Washington responded by banning US firms from selling the firm components it faced virtual collapse before Donald Trump decided to relax the moratorium as part of his ‘deal’ making.
The UK’s National Cyber Security Centre (NCSC) issued a damning report on ZTE last year, claiming that the national security risks of using its equipment in telecoms infrastructure “cannot be mitigated.”