The Inner Circle

NSA POTENTIAL THREAT VECTORS TO 5G INFRASTRUCTURE

  • 1.  NSA POTENTIAL THREAT VECTORS TO 5G INFRASTRUCTURE

    Posted May 10, 2021 05:38:00 PM
      |   view attached
    Hi All,

    The NSA just published POTENTIAL THREAT VECTORS TO 5G INFRASTRUCTURE.

    The fifth-generation (5G) of wireless technology represents a complete transformation of telecommunication
    networks, introducing a vast array of new connections, capabilities, and services. These advancements will provide
    the connection for billions of devices and will pave the way for applications that will enable new innovation, new
    markets, and economic growth around the world. However, these developments also introduce significant risks that
    threaten national security, economic security, and impact other national and global interests. Given these threats,
    5G networks will be an attractive target for criminals and foreign adversaries to exploit for valuable information and
    intelligence.

    To address these concerns, the United States National Telecommunications and Information Administration (NTIA)
    developed the National Strategy to Secure 5G, a strategic document that expands on how the United States
    The government will secure 5G infrastructure domestically and abroad. The National Strategy to Secure 5G aligns to
    the National Cyber Strategy and establishes four lines of effort: (1) facilitating the rollout of 5G domestically; (2)
    assessing the cybersecurity risks to and identifying core security principles of 5G capabilities and infrastructure;
    (3) addressing risks to United States economic and national security during development and deployment of 5G
    infrastructure worldwide; and (4) promoting responsible global development and deployment of secure and reliable
    5G infrastructure.

    In alignment with Line of Effort 2 in the National Strategy to Secure 5G, the Enduring Security Framework (ESF) was
    identified to assist with assessing risks and vulnerabilities to 5G infrastructure. This included building on existing
    capabilities in assessing and managing supply chain risk. As a result, the ESF 5G Threat Model Working Panel was
    established.1

    The preliminary focus of the 5G Threat Model Working Panel was to explore and prioritize potential threat vectors
    that may be associated with the use of 5G non-standalone (NSA) networks. The working panel reviewed existing
    bodies of work to identify and generate an aggregated list of known and potential threats to the 5G environment,
    determined and developed sample scenarios of where 5G may be adopted, and assessed risks to 5G core
    technologies. This analysis paper represents the beginning of the Working Panel's thinking on the types of risks
    introduced by 5G adoption in the United States, and not the culmination of it. This product is not an exhaustive risk
    summary or technical review of attack methodologies and is derived from the considerable amount of analysis that
    already exists on this topic, including public and private research and analysis



    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------