The US National Security Agency and the US Cybersecurity Infrastructure and Security Agency have published a security advisory to warn of attacks on 5G networks through the hijacking of a provider’s cloud resources.
The report is part of a four-part series that was built on the ESF Potential Threat Vectors to 5G Infrastructure white paper that was released by the US agencies in May 2021.The guidance provides recommendations for preventing and mitigating cyberattacks on 5G infrastructure. The document focuses on mitigation for lateral movement attempts by threat actors who gained initial access into a 5G cloud system through the exploitation of a vulnerability,
“5G networks, which are cloud-native, will be a lucrative target for cyber threat actors who wish to deny or degrade network resources or otherwise compromise information,” states the joint advisory. “To counter this threat, it is imperative that 5G cloud infrastructures be built and configured securely, with capabilities in place to detect and respond to threats, providing a hardened environment for deploying secure network functions. “
The risk of attacks from nation-state actors is high and it is essential that US telecommunications providers will implement best practices to secure their networks.
CISA and the NSA recommend 5G service providers and system integrators to implement the following measures to detect and block lateral movement in the 5G cloud:
“An attacker can use cloud/virtual networking to move through a network after initial compromise. Configurations to prevent and detect lateral movements is only one aspect of hardening a 5G cloud infrastructure. The detection and mitigation of lateral movement attempts within a 5G cloud system is a shared responsibility among 5G cloud providers, network operators, mobile network operators and customers.” concludes the report
(SecurityAffairs – hacking, 5G)