Categories
IT Security

5G Cybersecurity

What is 5G Technology Security?

5G technology for broadband cellular networks represents a complete transformation of telecommunication networks. 5G offers increased bandwidth, increased capacity, and low latency, significantly improving how humans and machines communicate, operate, and interact in both the physical and virtual worlds. With 5G rolling out more widely and its technology evolving, providers, operators, customers, cybersecurity professionals, organizations, and governments should consider 5G cybersecurity challenges and what resources are available to address them. The Cybersecurity & Infrastructure Security Agency (CISA) offers the following considerations1:

Risks. Risks from 5G deployment include:

  • Attempts by threat actors to influence the design and architecture of 5G networks.
  • Susceptibility of the 5G supply chain due to the malicious or inadvertent introductions of vulnerabilities.
  • Current 5G deployments leveraging legacy infrastructure and untrusted components with known vulnerabilities.
  • Limited competition in the 5G marketplace resulting in more proprietary solutions from untrusted vendors.
  • 5G technology potentially increasing the attack surface for malicious actors by introducing new vulnerabilities.

5G competencies and strategic initiatives. CISA has developed initiatives that include associated objectives to ensure there are policy, legal, security, and safety frameworks in place to fully leverage 5G technology while managing its significant risks. CISA’s 5G strategy includes the following three core competencies:

  • Risk Management. Promote secure and resilient 5G deployment by leading efforts to identify, analyze, prioritize, and manage risks.
  • Stakeholder Engagement. Actively engage federal, state, local, tribal and territorial, industry, association, academia, non-profit, and international partners to address 5G challenges.
  • Technical Assistance. Update and develop instructional tools and services to support stakeholders with the planning, governance, operational, and technical aspects of secure 5G deployment.

CISA’s 5G strategy includes the following five strategic initiatives:

  • Strategic Initiative 1. Support 5G policy and standards development by emphasizing security and resilience: Developing 5G policy, best practices, and standards that emphasize security and resilience to prevent attempts by threat actors to influence the design and architecture of 5G networks.
  • Strategic Initiative 2. Expand situational awareness of 5G supply chain risks and promote security measures: Educating stakeholders on 5G supply chain risk, particularly around vendors, equipment, and networks to promote leading security practices within the public and private sector.
  • Strategic Initiative 3. Partner with stakeholders to strengthen and secure existing infrastructure to support future 5G deployments: Strengthening and securing existing infrastructure to support future 5G deployments by recommending improvements for existing 4G Long-Term Evolution (LTE) infrastructure and core networks.
  • Strategic Initiative 4. Encourage innovation in the 5G marketplace to foster trusted 5G vendors: Catalyzing innovation in the 5G marketplace to foster trusted 5G vendors.
  • Strategic Initiative 5. Analyze potential 5G use cases and share information on risk management strategies: Assessing risk mitigation techniques on 5G use cases in order to share and popularize strategies that continue to secure the NCFs.

1 CISA, 2022, “5G Security and Resilience”