5G Network Security: U.S. Strategy Takes Shape
After years of hype on 5G wireless technology, a U.S. national strategy to secure new network build outs is beginning to take shape as widespread implementation nears. Last week, the House took a few steps in that direction by passing three bipartisan measures aimed at protecting fifth generation wireless networks and technologies.
For MSSPs (managed security services providers), the legislation may provide clues on how to monitor and manage 5G infrastructure as well as the data that flows across it.
Here’s what the House approved and what it means:
Secure 5G and Beyond Act of 2019. Requires the President to develop a secure next generation mobile communications strategy with the heads of the Federal Communications Commission, the National Telecommunications and Information Administration (NTIA), and Department of Homeland Security, as well as the Director of National Intelligence and the Secretary of Defense. The legislation would also require the President to develop a separate implementation plan for the strategy as carried out by the NTIA. The bill, introduced in May, 2019 and sponsored by Rep. Abigail Spanberger (D-VA), is also intended to protect 5G wireless networks from security threats posed by foreign suppliers.
Promoting United States Wireless Leadership Act of 2019. Directs the NTIA to encourage participation by American companies and other stakeholders in standards-setting bodies. It would also offer technical assistance to stakeholders who participate in developing standards for 5G networks and future generations of communications networks.
House Resolution 575. Encourages all 5G infrastructure stakeholders to adhere to the recommendation of the Prague Proposals, an international, multi-country cybersecurity framework endorsed by 32 countries, the European Union and NATO set at the 2019 Prague 5G Security Conference. The resolution would also encourage the President and federal agencies to promote trade and security policies on the international stage consistent with the Prague Proposals.
“The whole-of-government approach of the Secure 5G and Beyond Act will force the Trump Administration to get serious about protecting Americans as 5G services are deployed,” said Energy and Commerce Committee Chairman Frank Pallone, Jr. (D-NJ) and Communications and Technology Subcommittee Chairman Mike Doyle (D-PA), in a statement. “The timing is particularly important given the increased risk of cyber attacks arising from the conflict with Iran. All three of these bills are important for securing America’s wireless future, and we hope they won’t languish in the Senate,” the legislators said.
The three articles were preceded by a flurry of activity late last year surrounding the emerging communications technology. Last November, a bipartisan group of lawmakers told U.S. security advisor Robert O’Brien in a letter that 5G technology needs a national security coordinator to lead and unify the country’s emerging telecommunications platform. The chairs and ranking members of the Intelligence, Homeland Security, Foreign Relations and Armed Services committees urged O’Brien to advance a national strategy for 5G mobile networks that overlays the mandates of individual agencies.
And, a number of recent studies have also pointed to 5G networks as an inviting target for hackers. In one survey, eight in 10 senior cybersecurity and risk management decision makers at 50 global companies said 5G technology will bring heightened risks and cybersecurity challenges for their organizations, including a greater risk of attacks on Internet of Things networks, a wider attack surface and inadequate security baked into 5G hardware and firmware, research by Information Risk Management revealed. “The acceleration to market of 5G and lack of security considerations are causing concern,” the report said. “The vulnerabilities in 5G appear to go beyond wireless, introducing risks around virtualized and cloud native infrastructure.”