Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label 5G Slicing. Show all posts

NSA, CISA Concerns Over Security Risks Against 5G Network Slicing


The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidelines regarding cybersecurity threats pertaining to 5G network slicing. 

The document illustrates how a network slice is “an end-to-end logical network that provides specific network capabilities and characteristics to fit a user’s needs.” 

While numerous network slices operate on a single physical network, the guidelines clarify that each network slice user is only authenticated for one specific network region, allowing for data and security isolation. 

“This type of architecture heavily relies on a Network-as-a-Service (NaaS) model, combining Infrastructure-as-a-Service with network and security services, which enhances the operational efficiency and resiliency of the 5G infrastructure […] Within a 5G architecture, the plan is to deliver the whole NaaS so that different customer segments can be efficiently supported,” reads the guideline.

According to the report, "network slicing enables operators to incorporate various network characteristics or components, possibly from different operators, to offer particular applications or services for 5G consumers. Although effective for delivering services, 5G network slicing throws a wide net of threats, including possible weak points in standards and regulations, the supply chain, and other areas."

"Although network slicing is not solely unique to 5G, it is a critical component because 5G specifications call for network slicing as a fundamental component and therefore require network operators to adopt security practices that can mitigate threats like those described in this paper, DoS, MitM attacks, and configuration attacks," the report states. 

Due to these cyber threats, the NSA and CISA have stated that maintaining and monitoring a network slice is essential for identifying and thwarting cyberattacks. 

“For more robust security, network operators should consider techniques, as referenced in this paper, such as zero trust, multi-layer security, cross-domain solutions, post-quantum cryptography, and isolation,” both agencies concluded. 

The NSA, along with CISA, has appointed members and experts from public and private sectors in order to address security concerns pertaining to 5G slicing. This resulting 5G network slicing cybersecurity report looks forward to its architecture, how it will aid in emerging technologies, such as autonomous vehicles, and guidelines on how to secure it.