The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (DNI) have released an analysis paper that assesses vulnerabilities associated with the adoption of 5G technology.
The document analyzes the major threat vectors across 5G domains and those are policy and standards, supply chain and 5G systems architecture, NSA said Monday. Under the three threat vectors, the paper outlines the sub-threats that describe additional vulnerabilities that cyber actors can exploit and potential threat scenarios.
Standards sub-threat vectors include open standards and optional controls, while supply chain sub-threats cover counterfeit and inherited components. For 5G systems architecture, software, network security, legacy communications infrastructure and spectrum sharing are some of the sub-threat vectors described in the paper.
The Potential Threat Vectors to 5G Infrastructure analysis paper was developed by the 5G Threat Model Working Panel, which seeks to explore potential threat vectors that may be linked to the use of 5G non-standalone networks.
The working panel was established through the Enduring Security Framework, which was created to help assess risks and vulnerabilities to 5G infrastructure as one of the lines of effort of the National Strategy to Secure 5G.