The Security of 5G

December 28, 2021

In the world of bigger, better, faster, 5G has become the talk of the wireless industry. With speeds up to 20 times faster than 4G, 5G also reduces latency and offers more bandwidth, meaning more devices can stay connected at maximum speeds. Originally implemented in mid-2019, 5G is now widely available across America for any device capable of using it.

As with any new technology – especially one operating in a wireless space – security experts need to focus on how to keep 5G safe. To assist with this effort, the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing a series called “Security Guidance for 5G Cloud Infrastructures.”

To date, only the first part of the series has been released, Part I: Prevent and Detect Lateral Movement.

Chris Hughes, for CSO, reviewed the training and summarized the six key takeaways from Part 1 of the series.

Hughes shares that the training, overall, focuses on Zero Trust, meaning that nothing coming in or out of a network should be automatically trusted. The Zero Trust model has been growing in popularity as cyberattacks increase.

“The guidance for 5G cloud environments involves robust perimeter protections as well as secure internal controls coupled with sufficient logging, monitoring, and automation,” shares Hughes. “Cloud environments present myriad entry points and vulnerable interfaces where malicious actors could attempt to compromise environments including software, APIs and networks.”

Many of the suggestions offered by NSA and CISA are standard best practices that should continue to be followed. Among these are implementing identity and access management and keeping 5G software updated.

Under identity and access management, Hughes notes that least permissive control, multi-factor authentication, and appropriate use of certificates are all important, and that logging is also a vital best practice.

“Anomalous behavior should be identified as soon as possible and auto-remediation capabilities implemented when feasible,” says Hughes.

Keeping 5G software updated is a complex issue due to the variety of both open-source and proprietary software providers. Hughes says the series emphasizes that software development practices and vulnerability management programs are key to ensuring software patches are applied appropriately.

Another area on which Part 1 of this series focuses is monitoring and detecting lateral movement. Lateral movement occurs when an attacker moves from the initial point of compromise to other systems in the environment, which lets the attacker retain access even if the initial entry point is discovered.

Hughes shares that no level of security control will matter if these types of threats can remain undetected.

“This is why it warrants having proper monitoring, detection, alerting, and remediation practices in place for when this does occur,” says Hughes. “This should involve activities such as monitoring for user behavior abnormalities and suspicious network traffic behaviors, such as communicating with known-bad external addresses.”

The other three points that Hughes highlights are securing 5G network configuration, locking down communication among isolated network functions, and using analytics to detect adversarial presence. Read the full article for more information on all six points.
