The U.S. National Security Agency (NSA) has released an advisory in response to warnings that attackers could compromise entire 5G networks by hijacking providers’ cloud resources.
https://media.defense.gov/2021/May/10/2002637751/-1/-1/1/POTENTIAL%20THREAT%20 PDF”>/1/POTENTIAL%20THREAT%20VECTORS%20TO%205G%20INFRASTRUCTURE.PDF
This advisory was published in collaboration with experts from the U.S. Cybersecurity Infrastructure and Security Agency and is part one of a four-part series we plan to publish on 5G security.
5G networks will be an attractive target for criminals and foreign adversaries to gain valuable information and intelligence. They may be used for espionage.
To address these concerns, the U.S. National Telecommunications and Information Administration (NTIA) has developed the National Strategy for Securing 5G, a strategy document that develops how the U.S. government will protect 5G infrastructure at home and abroad. “The National Strategy to Secure 5G is aligned with the National Cyber Strategy
and sets forth four initiatives in line with the National Cyber Strategy.(1) Promote the deployment of 5G in the country.
(2) Assess the cybersecurity risks to 5G capabilities and infrastructure and identify core security principles.
(3) Addressing risks to U.S. economic and national security in the development and deployment of 5G infrastructure around the world.
(4) Facilitating the responsible global development and deployment of secure and reliable 5G infrastructureThis analysis is not the culmination of the Working Panel’s initial thinking about the types of risks posed by 5G deployment in the United States.
This product is neither an exhaustive summary of the risks nor a technical examination of the attack methods, but is drawn from the considerable amount of analysis that already exists on this topic, including public and private sector research and analysis.
This series includes extensive guidance on preventing and responding to cyber attacks on 5G infrastructure and builds on the previous guide released in May by both organizations.
According to the NSA, Part 1 includes “recommendations to mitigate lateral movement attempts by malicious cyber actors who successfully exploit the vulnerability and gain initial access to 5G cloud systems.”
The NSA says that U.S. carriers involved in 5G deployments can practice these methods to avoid 5G infrastructure being compromised by foreign groups.
In addition to potential attacks on the cloud infrastructure that binds 5G networks together, this guide identifies the following other possible threats to 5G networks in the US.
- Counterfeit products – susceptible to cyber attacks, poor quality and fragile. Also, backdoors are possible.
- Ceded components – Compromised or weakly secured components can make their way into the US 5G network via complex supply chains, which needs to be investigated.
- Open standards – Hostile countries may contribute to open standards and require proprietary or untrustworthy technologies to be included.
- Optional controls – A standard may include optional security controls, but some network operators may not want to use them.
- Software/Configuration – Refers to vulnerabilities in 5G equipment that an attacker could use to compromise the equipment or its configuration.
- Network Security – refers to attacks on network equipment that could allow a threat actor to gain access to 5G infrastructure.
- Network slicing – The ability of network operators to divide the 5G network into zones based on the type of equipment connected to it. Threat actors can breach these zones to gain access to critical infrastructure.
- Integration of legacy communications – Vulnerabilities in legacy protocols could be exploited by threat actors to gain access to 5G infrastructure.
- Spectrum sharing – Malicious actors could interfere with non-critical communication paths, providing an opportunity to negatively impact more critical communication networks.
The NSA says it will publish the remainder of its guidance document on 5G security on this page in the coming weeks.
This series of articles demonstrates the national security benefits that have resulted from the joint efforts of CISA, NSA, and industry persistent security framework (ESF) experts
Service providers and system integrators who apply this guidance to build and configure 5G cloud infrastructures will contribute to improving national cybersecurity
Says Rob Joyce, director of cybersecurity for the NSA
Comments