A threat taxonomy for 5G
- By Stephanie Kanowitz
- Dec 09, 2019
With 5G, comes promises of low latency, high speeds and more reliable connectivity. But a new report warns that the next-gen network technology is also likely to bring new security threats such as outages, nefarious activity and physical attacks.
In its Nov. 21 “ENISA Threat Landscape for 5G Networks” report, the European Union Agency for Cybersecurity describes a taxonomy of threats to simplify the “laborious task” of defining the 5G's broad and complex threat landscape, focusing on specific components of the 5G infrastructure.
At a high level, the taxonomy lists nine threat areas:
- Nefarious activity and abuse that target systems, infrastructure and network.
- Eavesdropping, interception or hijacking.
- Physical attacks that can destroy, alter, expose, disable or steal assets such as infrastructure or hardware.
- Intentional damage aimed at reducing usefulness.
- Unintentional damage that reduces usefulness.
- Failures or malfunctions.
- Outages resulting in unexpected disruption of service.
- Sudden accidents or natural disasters.
- Legal actions of third-parties designed to prohibit actions or compensate for loss.
ENISA hones these threats further by categorizing them based on whether the target is part of a core network, radio access, network virtualization or a generic component.
- Core network threats relate, for example, to software-defined networking (SDN) and mostly fall under the categories of nefarious activity and eavesdropping/interception/hijacking.
- Access network threats include those related to wireless and radio transmissions and also fall under eavesdropping/interception/hijacking.
- Multi-edge computing threats affect components at the edge of the network and are most susceptible to nefarious activity and eavesdropping/interception/hijacking.
- Virtualization threats put the virtualization of the underlying IT infrastructure, network and functions at risk.
- Physical Infrastructure threats put the actual IT infrastructure at risk, especially in the areas of physical attacks, damage or loss of equipment, equipment failures or malfunctions, outages and disaster.
- Generic threats, those that typically affect any IT system or network, are important to mention because they help define and frame threats specific to 5G.
- SDN threats, which relate to SDN functions common in the 5G infrastructure.
Threat agents -- which the report defines as human or software agents that may wish to abuse, compromise or damage assets -- will also evolve, according to ENISA.
“Due to their nature, 5G networks will deliver multiple added-value and critical services and functions to the economy and society,” the report states. “This will attract the attention of existing and new threat agent groups with a large variety of motives” that will develop new tools and methods either organically or by merging with other like-minded groups.
To address and combat these new threats and agents, the report recommends that 5G ecosystem stakeholders share threat knowledge with one another, develop working relationships to create “an efficient network of experts in various domains that will be responsible for contributing to the creation of 5G Cyberthreat Intelligence” and work together to improve standards and other materials on cyber threats.
Read the full report here.
Stephanie Kanowitz is a freelance writer based in northern Virginia.