Home Tags NEWS

Tag: NEWS

RAND Securing 5G
RAND Corporation just published a new research report: "Securing 5G - A Way Forward in the U.S. and China Security Competition." The report examines 5G security issues, the 5G supply chain, and the competitive landscape in 5G equipment. It describes where U.S. or Chinese companies have technology or market advantages in the emerging 5G security competition between the United States and China and provides recommendations for securing U.S. 5G networks. The report correctly views the 5G competition through three intertwined dimensions: economics, technology, and security. However, it is primarily framed in terms of the 5G security competition between the United States...
NIST 5G Cybersecurity
National Cybersecurity Center of Excellence (NCCoE) of the U.S. National Institute of Standards and Technology (NIST) just published the second portion of a preliminary draft practice guide for "5G Cybersecurity" - Special Publication SP 1800-33B 5G Cybersecurity - Volume B: Approach, Architecture, and Security Characteristics. This volume is intended for technology, security, and privacy program managers who are concerned with how to identify, understand, assess, and mitigate risk for 5G networks. This comes 14 months after NCCoE published the first volume in the series: SP 1800-33A 5G Cybersecurity Volume A: Executive Summary. SP 1800-33B 5G Cybersecurity - Volume B: Approach, Architecture,...
Samsung 5G Core - Evolution path towards 5G NSA + SA + WiFi
The O-RAN Alliance is a relatively new standards association that's focusing on creating open connections between various networking elements within 5G. The alliance just announced its new "Release 002" batch of specification that includes 40 O-RAN specifications published since November 2021 including:• O-RAN R1 interface: General Aspects and Principles v1.0• O-RAN A1 interface: Test Specification v1.0• O-RAN Acceleration Abstraction Layer High-PHY Profiles v1.0• O-RAN Security Tests Specifications v1.0and another 36 technical documents that have been updated with extensions and new features. The alliance published a lengthy post outlining all new improvements https://www.o-ran.org/blog/2022/04/06/o-ran-alliance-introduces-40-new-specifications-released-since-november-2021
DoD
The United States Department of Defense (DoD), in collaboration with the National Telecommunications and Information Administration’s (NTIA) Institute for Telecommunication Sciences (ITS), announced today the launch of the 5G Challenge Preliminary Event: RAN Subsystem Interoperability. This competition aims to accelerate the development and adoption of open interfaces, interoperable components, and multi-vendor solutions toward the development of an open 5G ecosystem. DoD has started significant investments in 5G since it wants to create data-centric weapons systems that are able to communicate with each other. Through this and other related challenges it is trying to create a vendor community that will help...
GlobalData 5G Mobile Core Disruptors
New report from Eightfold AI - What Telecoms Need to Build a Future-Ready Workforce - outlines how telecoms can strengthen talent readiness to accelerate innovation and new offerings The report contains the findings and insights from the Eightfold Talent Intelligence Platform, a deep-learning platform powered by the largest global talent dataset, to determine talent readiness for addressing innovation trends in the telecommunications industry. For this analysis of talent in the telecommunications industry, Eightfold analyzed approximately 500,000 publicly available profiles from top telecoms. With a constantly evolving skill mix due to automation, emerging technologies, and new business models, familiar telecom roles are undergoing...
OIC-CERT
OIC-CERT is the the Computer Emergency Response Team of The Organisation of Islamic Cooperation. I've been following their excellent efforts around 5G security for a while and was glad to see how seriously they are taking it. For example, about a year ago OIC-CERT published "Achieving 5G Security through Open Standards". The organization also recently held a 5G Security Framework Workshop And now it has started rolling-out of the OIC-CERT 5G Security Framework Adoption at GISEC, the Middle East and Africa’s most influential and connected cybersecurity event. The framework (in progress) is available here: https://www.oic-cert.org/members/index.php/cyber-security-landscape/feeds/10-cyber-threats/32-5g-security-wg I will continue monitoring their efforts with...
CSIS
The Center for Strategic and International Studies (CSIS), a Washington, D.C.-based think tank, published an interesting study on the cybersecurity implications of the “decoupling” of Chinese and Western technology spheres and warns of more aggressive offensive cyber operations to come. The study, "The Two Technospheres: Western-Chinese Technology Decoupling: Implications for Cybersecurity" focuses on digital decoupling—establishment of two “technospheres", one driven by China and the other by companies and governments in Western nations. The study finds that technology decoupling is rapidly progressing with impacts on various sectors varying depending on how heavily they intersect with national security and personal privacy concerns....
ENISA NFV Security in 5G
The EU Agency for Cybersecurity (ENISA) continues its excellent effort on 5G security by issuing a report with suggested good practices for the secure deployment of Network Function Virtualisation (NFV) in 5G networks. The report identifies some 60 security challenges for NFV, which it groups in seven categories: Virtualisation or containerisation; Orchestration and management; Administration and access control; New and legacy technologies; Adoption of open source or COTS; Supply chain; Lawful interception (LI). It analyses the relevant security controls and recommends 55 best practices to address these challenges, across technical, policy and organisational facets. Some of the main issues identified are ensuring...
Vodafone Portugal
The attack, discovered on Monday night, impacted the 4g/5g network, TV, voice services, and SMS services provided to more than seven million people. While the company was able to restore 3G services, others remained impacted. It even affected the ATM network of some large banks connected to the Vodafone 4g network. Vodafone called the incident "a deliberate and malicious attack intended to cause damage." Mário Vaz, CEO of Vodafone Portugal, said in a statement that "our absolute priority is the restoration of our services. Our technical teams have been working non-stop from the moment this attack was found to reset the...
FCC
The US Federal Communications Commission (FCC) Chairwoman is asking $5.6B from Congress seeks to reimburse carriers for removing and replacing insecure 5G networking equipment - those made by banned Chinese vendors Huawei and ZTE. Congress had initially set aside $1.9B for the replacement program under The Supply Chain Reimbursement Program created by the Secure and Trusted Communications Networks Act. However, after FCC received 181 applications from carriers, the total cost has been estimated to $5.6B revealing a shortfall of $3.7B. For more information see the FCC press release : CHAIRWOMAN ROSENWORCEL NOTIFIES CONGRESS OF DEMAND TO PARTICIPATE IN THE SECURE AND...
5G EU Report
The EU Court of Auditors issued a special report "5G roll-out in the EU: delays in deployment of networks with security issues remaining unresolved" in which EU auditors are raising an alarm. According to the report, 5G services are seen as essential for a wide range of innovative applications which have the potential to transform many sectors of our economies and improve citizens’ daily lives. 5G is therefore of strategic importance for the entire single market. However, the majority EU member states are not on track with the deployment of their 5G networks and lack a common approach to...
NSA CISA
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF). This final release in the series is titled Security Guidance for 5G Cloud Infrastructures - Part IV: Ensure integrity of Cloud Infrastructure with...
NSA CISA
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF). This third release in the series is titled Security Guidance for 5G Cloud Infrastructures - Part III: Data Protection with the focus...
NSA CISA
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF). This second release in the series is titled Security Guidance for 5G Cloud Infrastructures - Part II: Securely Isolate Network Resources with...
NSA CISA
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently released the first of a four part series titled Security Guidance for 5G Cloud Infrastructures. This series of four action-oriented documents is intended to provide guidance on how to move toward zero trust in support of securing 5G. It’s been created as a joint industry and government effort with the support of several large contributors through the NSA’s Enduring Security Framework (ESF). This first release in the series is titled Security Guidance for Cloud Infrastructures Part I: Prevent and Detect Lateral Movement and is...