top of page

Secure 5G Network Slicing with U.S. Cybersecurity and Intelligence Agencies' Recommendations

In an era dominated by the rapid advancements of technology, cybersecurity remains a paramount concern for users across the globe. Of this vast landscape, 5G Network Slicing has taken center stage due to its potential vulnerabilities. In response to this, prominent U.S cybersecurity and intelligence agencies, namely the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), have unveiled a compilation of advice to fortify these networks against looming threats. First, grasping what 5G technology and Network Slicing entail is crucial. The fifth-generation technology standard for broadband cellular networks, often abbreviated to 5G, surpasses its predecessors through enhanced data speeds and diminished latency. Network Slicing is an infrastructure design model wherein mobile service providers can divide their encompassing network into numerous distinct "slices." These slices aid in the creation of virtual networks meant to serve various clients and applications. However, despite their undeniable benefits, these technologies also present a dynamic threat landscape. To counterbalance this, the agencies underlined the importance of sophisticated monitoring, auditing, and data analytical capabilities to ensure the services' level of the network slicing adheres to standardized requirements over time. Riding on the coattails of previous guidance shared in December 2022, this fresh advisory warns the public of the several threat avenues that Network Slicing could expose users to. These threat vectors include adversary-in-the-middle cyber attacks, identity theft, jamming, and the notorious denial-of-service. Consequently, these threats have the potential to compromise the confidentiality and integrity of network services, adversely affecting their availability. The agencies highlighted past instances where these threats were identified. A report by Enea AdaptiveMobile Security published in March 2021 addressed concerns linked to the potential of brute-force attacks that could maliciously gain access to a slice, wielding its power to manage denial-of-service attacks against other network functionalities. Furthermore, a cautionary statement by the U.S. government in May 2021 underscored the grave cybersecurity risks connected to ill-equipped implementation of telecommunication standards, systemic architectural weaknesses, and supply chain threats, enabling ill-intentioned actors to exploit vulnerable areas to extract valuable data. The new guidance identifies denial-of-service attacks on the signaling plane, adversary-in-the-middle cyber-attacks, and misconfiguration attacks as the primary 5G threat vectors. The agencies believe embedding a Zero Trust Architecture (ZTA) into network deployments can fortify cybersecurity measures. They argue that a significant part of realizing ZTA lies in implementing Authentication, Authorization, and Audit (AAA) techniques, which can further help prevent misconfiguration attacks. The importance of understanding and employing industry-standard best practices regarding the design, deployment, operation, maintenance, and potential fortification of 5G network slicing cannot be overlooked. It is emphasized to consider these factors as they directly affect Quality of Service (QoS) and Service Level Agreements (SLAs). Ultimately, in our increasingly interconnected world, safeguarding our digital landscape has never been more pressing. It is vital that authorities, businesses, and individuals alike remain vigilant, stay informed, and take proactive measures to ensure the integrity of this new technological frontier.


bottom of page