NSA, CISA Warn Against Threats to 5G Network Slicing

Written by

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have unveiled new guidelines regarding the security risks associated with 5G network slicing and how to mitigate them.

According to the document, a network slice is “an end-to-end logical network that provides specific network capabilities and characteristics to fit a user’s needs.”

While multiple network slices run on a single physical network, the guidelines explain network slice users are authenticated for only a single network area, enabling data and security isolation.

“This type of architecture heavily relies on a Network-as-a-Service (NaaS) model, combining Infrastructure-as-a-Service with network and security services, which enhances the operational efficiency and resiliency of the 5G infrastructure,” reads the guide.

“Within a 5G architecture, the plan is to deliver the whole NaaS so that different customer segments can be efficiently supported.”

Despite this high level of security, however, the NSA and CISA have warned that network-slicing threat vectors exist and span across policy and standards, supply chain and system architecture.

“Network slicing can be difficult to manage, and the slices add complexity to the network,” reads the report.

“While there are standards defining specifications for how network operators build their 5G network, there are not clear specifications for how network operators should develop and implement security for network slicing.”

According to the document, improper network slice management may enable attackers to access data from different network slices or deny access to authorized users.

More specifically, the report mentions Denial of Service (DoS) attacks, Man-in-the-Middle (MitM) attacks and configuration attacks.

“Although network slicing is not solely unique to 5G, it is a critical component because 5G specifications call for network slicing as a fundamental component and therefore require network operators to adopt security practices that can mitigate threats like those described in this paper, DoS, MitM attacks, and configuration attacks,” reads the guide.

Because of these threats, the NSA and CISA have said the monitoring and maintenance of a network slice are paramount to discovering and mitigating attacks.

“For more robust security, network operators should consider techniques, as referenced in this paper, such as zero trust, multi-layer security, cross-domain solutions, post-quantum cryptography, and isolation,” the agencies concluded.

More information about cyber-attacks against 5G networks is available in a recent explainer by Tim Hardwick, managed solutions and consulting lead of EMEA at Spirent.

What’s hot on Infosecurity Magazine?