The Department of Homeland Security’s cyber wing has released a five point plan to safeguard the nation’s budding 5G mobile network infrastructure against cyber threats.
The document, entitled CISA 5G Strategy: Ensuring the Security and Resilience of 5G Infrastructure in Our Nation, details five “strategic initiatives” the Cybersecurity and Infrastructure Security Agency (CISA) is focused on:
- Support 5G policy and standards development by emphasizing security and resilience.
- Expand situational awareness of 5G supply chain risks and promote security measures.
- Partner with stakeholders to strengthen and secure existing infrastructure to support future 5G deployments.
- Encourage innovation in the 5G marketplace to foster trusted 5G vendors.
- Analyze potential 5G use cases and share information on risk management strategies.
Of the strategic initiatives, each addresses “critical risks to secure 5G deployment, such as physical security concerns, attempts by threat actors to influence the design and architecture of the network, vulnerabilities within the 5G supply chain, and an increased attack surface for malicious actors to exploit weaknesses,” CISA said in the document.
MSSPs and 5G Infrastructure Protection
For managed security services providers (MSSPs), the document offers a wide view on how to monitor and manage 5G infrastructure as well as the data that flows across it.
Last March the federal government released an overarching plan to protect 5G wireless network build outs, entitled the National Strategy to Secure 5G. CISA’s document is drawn to map to that strategy, with both focusing on facilitating domestic 5G rollout; assessing risks and identifying core security principles; managing the risks to national security from 5G; and promoting global development and deployment.
In January, the House passed three bipartisan measures aimed at protecting fifth generation wireless networks and technologies, spanning a whole-of-government approach, encouraging participation by the private sector and adherence to an international cybersecurity framework recommended at the Prague Proposals.
Hackers: Preparing 5G Network Attacks?
A number of recent studies have also pointed to 5G networks as an inviting target for hackers. In one survey, eight in 10 senior cybersecurity and risk management decision makers at 50 global companies said 5G technology will bring heightened risks and cybersecurity challenges for their organizations, including a greater risk of attacks on connected devices networks, a wider attack surface and inadequate security baked into 5G hardware and firmware.
“From my perspective, 5G is the single biggest critical infrastructure build that the globe has seen in the last 25 years and, coupled with the growth of cloud computing, automation, and future of artificial intelligence, demands focused attention today to secure tomorrow, CISA director Christopher Krebs wrote in the 5G security strategy report.