1. Introduction

On May 10, 2021, the National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security jointly released the "Analysis Report on Potential Threat Elements of 5G Infrastructure". The report was released to carry out the second task of the 2020 "National 5G Strategy". This is the first time the three major functional agencies of the United States have released a report on 5G infrastructure threats, indicating that the United States has placed 5G security in an important position and that it must maintain its leading advantages in global intelligence capabilities, cyberspace operations, and protection of critical information infrastructure, and also curb the development of opponents such as China.

2. Major threats to 5G infrastructure security

The report divides the main threat elements of 5G infrastructure into three categories: policy standards, supply chain and 5G system architecture. It identifies 11 sub-threats as vulnerabilities that attackers can exploit, describes example scenarios of 5G threats, and evaluates the risks and vulnerabilities brought by 5G applications. The release of the report indicates that the United States has begun to focus on the risks brought by 5G applications. It also shows that the deployment and application of 5G will pose new challenges and that its future development is full of new uncertainties.

2.1 Policies and standards will directly affect the design and architecture of emerging technologies

The formulation of 5G policies and standards is the foundation for safeguarding future 5G communication infrastructure.
Currently, global standard-setting bodies (the Internet Engineering Task Force, the International Telecommunication Union and the Telecommunication Standards Organization) are developing 5G technical standards and security controls, which will have an impact on the design and architecture of new technologies such as autonomous driving, edge computing and telemedicine. Threats in policy standards mainly involve two sub-threats: open standards and control options.

Open standards: Since some hostile countries are also involved in the formulation of technical standards, the standards may stipulate that the system must adopt certain untrusted technologies and equipment, which may restrict competition and force users to adopt untrusted new technologies in accordance with the standards. These untrusted patented technologies are often not interoperable, further limiting a company's competitiveness in the 5G market. In addition, 5G technologies that are not interoperable are difficult to update, repair and replace, resulting in increased product life cycle costs and delayed replacement of 5G equipment.

Control options: Standards bodies develop mobile communications protocols that contain either required or optional security controls. Network operators that do not implement the optional security controls may have more vulnerable networks and face a higher risk of cyberattacks.

2.2 Supply chain will inevitably bring systemic risks

The 5G supply chain is vulnerable to risks such as malicious software and hardware, counterfeit components, and poor design. The unique appeal of 5G technology and its hasty deployment further exacerbate this risk, leading to the theft of data and intellectual property, the destruction of the integrity of 5G networks, or their exploitation to cause negative consequences such as system and network failures. 5G's ability to connect billions of devices heightens the risk of untrusted or counterfeit components being introduced into the 5G supply chain.
This risk includes sabotage of 5G equipment or infrastructure, ultimately affecting end-user devices (such as computers, phones, and other devices). Untrusted companies, especially those with a significant market share in international telecommunications networks, or suppliers with government backing, can also exacerbate supply chain risks. For example, if a country purchases 5G equipment from a company whose supply chain has been compromised, that country's data is highly vulnerable to interception, manipulation, or destruction by malicious attackers. This can pose additional risks when it sends data to international partners, as one country's secure network may be vulnerable to threats from another country's untrusted telecommunications network.

Counterfeit parts: Counterfeit parts are more vulnerable to cyberattacks and are more likely to be damaged due to their poor quality. Compromised counterfeit components allow malicious attackers to further compromise the confidentiality, integrity or availability of data and affect other more sensitive parts of the network.

Inherited components: Inherited components may come from an extended supply chain of third-party vendors, suppliers, and service providers. The supply chain can be attacked through suppliers, including suppliers of suppliers, that lack strong security controls and audits of R&D, production, or delivery channels. Flaws or embedded malware introduced early in the development phase are more difficult to detect. Developers may then mark the affected components as legitimate using methods such as digital signatures, and these vulnerabilities may be exploited by malicious attackers later.

2.3 5G system architecture brings new risks and will make network attacks more frequent

The 5G system architecture is designed and developed to meet the growing demand for data, capacity, and communications.
Although 5G component manufacturers and service providers are improving security through technological improvements, both traditional and new vulnerabilities may be exploited by malicious attackers. In addition, 5G networks will use more ICT components than previous generations of wireless networks, providing malicious attackers with ways to intercept, manipulate, disrupt, and destroy critical data. The increase in 5G capacity has promoted the popularity of the Internet of Things, but it has also added a large number of insecure devices to 5G networks. The diversity of these devices may make the 5G architecture more complex and introduce unforeseen systemic weaknesses or vulnerabilities. As new 5G components and technologies are developed and deployed, new vulnerabilities will be discovered. The future 5G system architecture will increase the attack surface and the probability of being exploited by malicious actors. If we do not continue to pay attention to the main elements of 5G threats and identify vulnerabilities in the system architecture early, new vulnerabilities will lead to more cyberattacks. The current 5G system architecture involves seven sub-threats: software/configuration, network security, network slicing, traditional communication infrastructure, multi-access edge computing, spectrum sharing, and software-defined networking.

Software/Configuration: Unauthorized access to software or network components provides malicious attackers with the opportunity to modify configurations, reduce security controls, install malware on the system, or identify vulnerabilities that attackers can exploit to gain persistence and privileged access to the system or network.

Cybersecurity: 5G devices and infrastructure capabilities provide opportunities for malicious attackers to exploit.
If network devices are compromised through network layer attacks, malicious attackers can gain unauthorized access to 5G networks, potentially disrupting operations and intercepting, manipulating, and destroying critical data.

Network slicing: Network slicing allows users to authenticate only to a certain area of the network, thus achieving data and security isolation. However, network slicing can be difficult to manage, and slicing increases the complexity of the network. Improper network slice management allows malicious attackers to access data from different slices, or deny access to priority users.

Traditional communication infrastructure: Although the 5G network infrastructure is designed to be more secure, many security specifications and protocols of the traditional 4G communication infrastructure are still applied in the 5G network. The traditional communication infrastructure therefore contains inherent vulnerabilities that may be exploited by malicious attackers if not addressed.

Multi-access edge computing: Multi-access edge computing (MEC) changes the way data is processed and stored by moving core network functions closer to end users at the edge of the network. Introducing untrusted 5G components into MEC could expose core network elements to risks due to software and hardware vulnerabilities, counterfeit components, and poor manufacturing processes.

Spectrum sharing: To realize the potential of 5G, 5G systems need a complementary mix of frequencies across low, medium and high spectrum. As more and more devices compete to access the same spectrum, spectrum sharing is becoming more common. Spectrum sharing may provide malicious attackers with opportunities to interfere with non-critical communication channels, thereby adversely affecting more critical communication networks.
Software-defined networking: Although software-defined networking (SDN) improves network flexibility and simplifies management, malicious attackers may embed code in SDN controller applications to limit bandwidth and negatively affect network operations.

3. Current status of the 5G security situation

In April 2021, the Global Mobile Suppliers Association (GSA) announced that 133 countries and regions have invested in 5G through trials, acquisition evaluations, network deployment, etc., of which 68 countries already have live 5G commercial networks. From the perspective of global strategic layout, the battle for 5G has become the focus of competition among the world's major powers in the field of high technology, and there is a clear trend of integration with military, economic, and political factors. Especially in the current context of Sino-US friction, the battle among countries for standards, discourse power, and market share in the 5G industry has become fierce, and the global 5G industrial chain will face many uncertainties. It can be expected that the contest among countries over 5G security will also intensify further.

3.1 The United States strives to enhance its international leadership in 5G security

The United States attaches great importance to 5G security, and has elevated the protection of 5G network security and the regaining of leadership in the 5G industry to the national strategic level. It has mobilized national forces, ensured implementation through legislation and executive orders, and actively reduced 5G network security risks. In March 2020, the White House released the National 5G Security Strategy, which detailed how the U.S. government will ensure the security of 5G infrastructure at home and abroad, and pointed out that the national 5G security strategy should be consistent with the national network strategy.
At the same time, the 5G Security Assurance Act was passed to ensure the security of 5G in the United States and promote the 5G security of its allies. In April, the House of Representatives proposed the U.S. Telecommunications Act, providing a $750 million grant through the National Telecommunications and Information Administration to support the deployment and use of Open RAN 5G networks across the United States and add security features. In September, CISA released the "CISA 5G Security Strategy", proposing 5 strategic initiatives to promote the development and deployment of secure and cyber-resilient 5G infrastructure, thereby creating greater value for the United States and its allies. In December, the Department of Defense released the "5G Technology Implementation Plan" report, providing a 5G security roadmap covering technology, security, standards, policies and application cooperation, and expanding its activities in standard-setting organizations. In February 2021, NIST established the 5G Security Evolution Project and released the "5G Network Security Practice Guide" to help 5G network organizations as well as operators and equipment suppliers improve their security capabilities.

In terms of international cooperation, the United States has been publicizing the potential international security risks of using Chinese hardware, and has been advocating the "5G security threat theory". It has viewed 5G competition with a "zero-sum mentality", implemented technical blockades on China's 5G, and attempted to establish an anti-China alliance. Under its leadership, the Prague Proposal proposed that the 5G network structure and system functions need to be given priority security considerations on the grounds that they are related to national security, economic security, other national interests, and global stability.
In August 2020, US Secretary of State Pompeo announced that a new, expanded round of the "Clean Network Plan" would be launched against China in order to protect the United States' critical telecommunications and technology infrastructure. The "Clean Network Plan" is an upgraded version of the US 5G competition strategy against China, and a continuation of the US Cold War mentality and ideological competition. At present, more than 30 like-minded countries and regions have joined the US Clean Network Plan, pledging to protect 5G networks and exclude untrustworthy suppliers, and promising that their telecom operators have agreed to use only trusted suppliers (products). In addition, the US Federal Communications Commission (FCC) has included Huawei and ZTE in the list of national security threats, and, through the technical assistance that the US Agency for International Development (USAID) provides to developing countries, the United States has pushed developing countries to ban Chinese 5G suppliers (products). The United States' series of 5G security strategies actually reflect a fear of the rise of China's 5G network technology and a suppression of Chinese companies. This kind of hegemonism is destined to fade away.

3.2 The EU focuses on strategic autonomy in 5G security

For the EU, mastering core technologies in the digital age has become an indispensable factor in achieving "strategic autonomy". The EU has made the construction of 5G networks a key area in building a digital Europe, attaches great importance to the strategic autonomy and network security of 5G technology, and has issued a series of policy documents aimed at addressing 5G network security issues in the region. These documents particularly emphasize the risks of 5G suppliers from non-EU countries, and it is assessed that Chinese 5G companies face severe challenges in doing business in the EU.
In October 2019, the EU National Cybersecurity Collaboration Group released the "5G Cybersecurity Unified Risk Assessment Report", which assessed risk in terms of threats, vulnerabilities and the sensitivity of 5G assets. In November, the European Network and Information Security Agency released the "5G Cybersecurity Threat Panorama", which analyzed the security threats to 5G networks, described the 5G cybersecurity threat map and the security challenges of 5G networks, and also covered the creation of a comprehensive 5G architecture, identification of important assets, assessment of threats affecting 5G, identification of the degree of asset exposure, and assessment of threat source motivations. In January 2020, the EU National Cybersecurity Collaboration Group released the "5G Cybersecurity Risk Mitigation Measures Toolbox", which comprehensively sorted out the 5G cybersecurity risks faced by the EU and proposed a set of feasible measures to promote the coordinated response of EU member states to 5G network information security. In July, the EU National Cybersecurity Collaboration Group released the "Progress Report on the Implementation of the 5G Cybersecurity Toolbox by EU Member States", analyzing the progress of EU member states in implementing the 5G Security Toolbox at the national level.

At present, the EU's understanding of 5G security is no longer limited to the technical level; it is considered from the strategic height of regional security and international relations, in the overall interests of the EU. The purpose of the EU's release of the toolbox is to evaluate and reduce 5G network security risks through a unified EU approach, accelerate 5G deployment while ensuring 5G network security, and ensure technological sovereignty.

3.3 The UK begins to shift from a 5G security balance strategy

The UK originally adopted a balanced strategy in the field of 5G security, but gradually leaned towards the US under pressure from the US.
In January 2020, the UK National Cyber Security Center issued an official report defining Huawei as a high-risk supplier, banning China's Huawei from the core network, limiting its share to less than 35%, and making cybersecurity risks controllable through risk reduction measures. In May, the British government established the D10 5G Club with 10 countries including the G7, Australia, South Korea and India to support alternative suppliers of 5G equipment in an attempt to eliminate dependence on China's 5G. In July, the UK National Cyber Security Center stated that it could not guarantee the 5G security of China's Huawei, and positioned Huawei as a high-risk supplier. The UK will stop the purchase and deployment of Huawei's 5G equipment by the end of 2020, and require Huawei to completely disappear from the UK's 5G network in 2027. In November, the UK Parliament promulgated the Telecommunications (Security) Bill, which confirmed in law the government's power to supervise and evaluate operators. The bill stipulates that the government has the right to issue instructions to public telecommunications service providers to manage the cybersecurity risks brought by high-risk suppliers. Although high-risk suppliers have been banned from entering the most sensitive core parts of the network, the bill will allow the government to regulate telecommunications service providers' use of goods, services or facilities provided by high-risk suppliers.

3.4 Other countries actively follow up

As early as 2018, the Australian government issued a ban, repeatedly excluding Huawei from the country's 5G network construction on the grounds of "national security". Affected by the government's 5G ban, Huawei's operator business in Australia fell by 21% in 2019. In early 2020, Australian Home Affairs Minister Peter Dutton opposed reopening discussion of the Huawei ban, emphasizing that "they are high-risk suppliers."
Canada has been slow to make a formal decision on banning or restricting Huawei equipment. Although the Canadian government has not explicitly banned Huawei, its local telecom operators have chosen to cooperate with Huawei's competitors to build 5G networks. In June 2020, Canadian telecom operator Telus announced that it had signed agreements with Nokia, Ericsson and Samsung.

Japan still refuses to let Huawei enter its domestic market and is strengthening coordination with the United States. As an ally of the United States, Japan cooperates with the United States in anti-Huawei policies and selects European suppliers such as Ericsson to participate in the construction of 5G networks. In 2018, Japan announced that Huawei and ZTE were banned from government contracts, and Japanese companies also declared that they would not purchase 5G equipment from these two suppliers except for trials. In March 2020, Japan's three major telecom operators NTT DoCoMo, KDDI and SoftBank successively launched 5G commercial services, marking the beginning of Japan's entry into the 5G era. On May 20, Japan and the United States launched a new bilateral dialogue on economic security issues such as 5G and control of foreign investment to strengthen coordination. The Japan Broadcasting Association (NHK) said on June 29 that the Japanese government had decided to provide 70 billion yen (about 4.62 billion yuan) to support domestic 5G technology research and development, a move seen as intended to compete with leading Chinese 5G manufacturers.

South Korea defines 5G as a national strategy, hoping to take the opportunity to expand. In June 2019, South Korean officials said that Huawei's 5G equipment was isolated from the national defense network and posed little threat. Less than 10% used Huawei 5G, and the rest used Samsung and other manufacturers.
South Korea has driven operators to accelerate 5G applications by rapidly promoting spectrum issuance, physical site sharing, and national competition tests. The intention is to mature the E2E 5G industry in South Korea, thereby enhancing the export of ICT industries including terminals and semiconductor network equipment, and creating a new engine for South Korea's economic growth.

4. Security Challenges Facing 5G Networks

With its powerful connectivity, ultra-low latency and ultra-large network capacity, 5G will for the first time extend communication services to connections between people and things and between things and things, opening a new era of the Internet of Everything and enabling new innovations, new markets and new economic growth models. However, these developments of 5G are bound to bring new security challenges. 5G infrastructure will become an attractive target for criminals and foreign adversaries seeking valuable information and intelligence, threatening national security and economic security, and affecting national and even global interests. Therefore, 5G networks will be more vulnerable to attacks than before. At present, the main challenges facing 5G are as follows:

The diversity of endpoints expands the attack surface. There are many types of terminals accessing the 5G network, and their computing power and security protection measures vary significantly. As large numbers of terminals gain access, terminals that are forged, hijacked, or carrying viruses or malicious programs, and that lack basic security protection capabilities, may spread and amplify terminal security risks through the 5G network. At the same time, with the widespread application of 5G networks in industries such as the Industrial Internet and the Internet of Vehicles, the security risks of non-universal protocols used by terminals in various industries are also introduced into the 5G network.
Widespread use of virtualization technology renders traditional defense measures ineffective. Network functions are deployed through cloud computing services, the boundaries of communication networks have become blurred, and traditional network security measures that rely on physical isolation are no longer applicable. At the same time, the widespread use of virtualization technology has also introduced security risks such as security vulnerabilities, virtual machine escape attacks, and malicious attacks on virtualization platforms into 5G networks.

Service-oriented architecture puts access control at risk. The service-oriented architecture of 5G networks enables network functions to be presented to the outside world through common interfaces, which allows flexible network deployment and management. With the opening of interfaces, common interfaces face potential risks in identity authentication, access control, communication encryption, etc., and defects in the design of security solutions can lead to risks such as flooding attacks and resource abuse. In addition, the lack of security mechanisms or misconfiguration of policies at edge computing nodes may lead to risks such as unauthorized access to edge computing gateways, overload of edge nodes, and abuse of open API interfaces at the network border; the use of network slicing technology may face security risks such as unauthorized users accessing network slices.

The difficulty of protecting data security increases. With the large-scale promotion and application of 5G networks, data security risks are becoming increasingly diverse.
Edge computing causes network and user data to sink to the edge of the network, and the challenges of data isolation and protection at the edge of the network are obvious. The blurred network boundaries brought about by virtualization technology increase the difficulty of data protection. Network slicing technology places higher demands on the security isolation and protection of data. The rapid growth in the number of access devices and the differences in the capabilities of their protective measures have led to more points of data leakage risk and increased difficulty in controlling illegal and harmful information.

Network operation and maintenance becomes more complicated. The evolution of the 5G network architecture brings security operation and maintenance issues, including the following. It is more difficult to locate security defects in network functions, because network defects may come from hardware, virtualization technology, network function software and orchestrators. The centralized deployment of 5G networks increases the complexity of operation and maintenance, and the impact of security incidents and system failures is wider: a network function failure may cause abnormal or interrupted communication services in multiple regions. Operation and maintenance personnel may lack knowledge, skills and experience in network function virtualization, software-defined networks, etc., which may make it difficult to deal with security risks in a timely and effective manner.

5. Main measures to address 5G network threats

As 5G network applications continue to deepen, 5G is becoming ever more closely tied to various industries. The loss of any node may cause a network disaster. In addition, network attacks are currently frequent, and network security threats and attack methods are constantly changing, so 5G infrastructure faces extremely severe security issues.
In order to ensure the security of 5G, information powers such as the United States have seized the right to formulate rules and taken multiple measures at the government and enterprise levels to address the security threats faced by 5G infrastructure.

5.1 Government level

Actively participate in and lead the standard-setting process. 5G standards are crucial to planning the future of technology and are of great significance to national security and competitiveness. It can be expected that in the future, governments will strongly support relevant institutions and companies to fully join standard-setting organizations, play a more active role in formulating 5G technical standards, and promote the safe deployment and commercialization of 5G technology. At the same time, in order to prevent threat entities from affecting 5G security, security and network resilience factors should be fully considered in the process of formulating policies and standards. Governments should cooperate with trusted market leaders and international allies to promote the formulation of 5G standards, eliminate potential security risks of 5G technology, and prevent threat entities from maliciously affecting the top-level design and technical architecture of 5G networks.

Regularly assess risks related to 5G infrastructure. Regularly assess economic, national security and other risks brought by 5G infrastructure, and promote safe and reliable 5G infrastructure deployment. This includes defining and maintaining core security principles for 5G infrastructure, assessing the risks posed by 5G infrastructure network threats and vulnerabilities to economic and national security, and formulating security principles for 5G infrastructure.

Actively address 5G infrastructure supply chain risks. Develop supply chain risk management standards to facilitate the evaluation and mitigation of supply chain risks by implementing agencies.

Actively strengthen cooperation with allies to agree on a multi-layered security system.
Allow secure cooperation and data exchange between countries using cellular infrastructure from trusted suppliers, while providing additional security in countries that may not have hardware and software from trusted suppliers installed, and strengthen a common approach to the security of key component and software supply chains.

5.2 Enterprise level

Strengthen the protection of existing infrastructure and support future 5G deployment. Address the long-term underinvestment in reducing network risks; fully support 5G technology innovation and provide secure and network-resilient 5G technologies; use machine learning and artificial intelligence to protect the network; transform the supervision of network completeness from a post-event indicator to a pre-event indicator; formulate a proactive network protection plan to ensure the security of the 5G network itself; incorporate security into the development and operation cycle; and publish best practices.

Commit to achieving an open and modular architecture. To avoid the current single-supplier model in the 5G market, actively promote a more diverse and interoperable ecosystem (called open radio access network, or "Open RAN"), thereby getting rid of dependence on any one 5G infrastructure supplier. Accelerate the design and expansion of network functions and innovative terminal applications by different participants. Secondly, actively develop a server system based on "cloud computing", transfer many command and control functions of the network to cloud computing, and guide how the network can meet the needs of existing tasks, including guidance on routing and security policies.

6. Conclusion

Strengthening the security of 5G critical information infrastructure is necessary to enhance the security of 5G technology applications, strengthen national network security protection capabilities, and continuously optimize the network ecological environment.
It is also a guarantee for promoting the rapid development of 5G technology. Recently, China has also successively introduced systems and standards such as network security level protection and critical information infrastructure security protection, and proposed requirements for the protection of 5G and other critical information infrastructure to accelerate the construction of a network security protection system, comprehensively strengthen network security inspections, establish and improve a network security incident emergency work mechanism, and improve the ability to respond to network security incidents. However, in the face of the United States' promotion of the 5G security China threat theory, its forcing of allies to choose sides, and its technical blockade of China's 5G, we feel that there is still a long way to go.