The US cybersecurity and intelligence agency has released a set of recommendations to address security concerns and harden against potential threats regarding 5G standalone network slicing.
This was announced by the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA).
5G is the 5th generation technology standard for broadband cellular networks, offering higher data speeds and lower latency. Network slicing is an architectural model that allows mobile service providers to divide their network into multiple independent “slices” to create virtual networks serving different clients and use cases.
The updated recommendations build on guidance previously issued by the agency in December 2022, which states that network slicing can expose users to a wide range of threat vectors including denial of service, jamming, identity theft and man-in-the-middle attacks. It warns that there is – Effectively interfere with the confidentiality, integrity, and availability of network services.
Concerns about 5G network slicing are detailed in a report published in March 2021 by Enea AdaptiveMobile Security, which describes brute force gaining malicious access to slices and orchestrating denial-of-service attacks against other network functions. The possibility of force attacks is emphasized.
And in May 2021, the U.S. government announced that improper implementation of telecommunications standards, supply chain threats, and system architecture weaknesses could pose significant cybersecurity risks to 5G networks, thereby It warned that it could allow actors to exploit loopholes to extract valuable information from victims.
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
join today
In their latest guidance, the authorities cited denial-of-service attacks, misconfiguration attacks, and hostile man-in-the-middle attacks against the signaling plane as the three main threat vectors for 5G, with Zero Trust Architecture (ZTA) potentially helping. I pointed out that there is. Secure network deployment.
CISA and NSA said “ZTA can largely be achieved by employing authentication, authorization, and auditing (AAA) techniques.” “Done properly,
Authentication and authorization can also mitigate threat vectors arising from misconfiguration attacks. ”
Agencies should also seek industry acceptance of how 5G network slicing will be implemented, designed, deployed, operated, maintained, potentially enhanced, and mitigated, as 5G network slicing impacts quality of service (QoS) and service level agreements. It also states that it is important to be aware of established best practices (SLA).
