A new report published by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) warns that there are security risks to implementing 5G network slicing and says that if operators do not carefully manage 5G network slicing they may inadvertently allow malicious actors to access data from different network slices.
Network slicing allows operators to partition the network into segments for certain use cases and each network segment can be customized. The benefit of network slicing is that it allows each slice to use at least some of the same underlying common network infrastructure, which makes it more efficient and cost effective than building separate networks for each use case.
Network slicing is considered one of the more prominent attributes of deploying a standalone (SA) 5G network but has yet to be deployed commercially in the U.S. although Dish Network, which is in the midst of rolling out a nationwide SA network, often talks about its network slicing aspirations.
But making sure each network slice is secure is a difficult task. According to the report from the NSA, CISA and ODNI, there are no specifications telling operators how to develop and implement security for network slicing. And these agencies fear that this lack of specifications will lead to security breaches.
The three most likely types of threats to occur in a 5G network slicing scenario, according to the report are:
- Denial of service attacks on centralized control elements that lead to services being disrupted
- Attacks on misconfigured system controls, which causes the network slice to be made unavailable to legitimate users.
- Man-in-the-middle attacks, in which confidential information or user data is exposed or messages are modified resulting in misinformation.
The report also said that not only could network slices be vulnerable to these types of attacks but it’s possible that bad actors could chain together multiple attacks and the implications could reach beyond a single network slice.
Because the security threats to network slicing are so critical, the report recommends that operators implement four layers of security that cover the virtualized network functions (VNF) instances and related connections, the transport network, the core network and all the network slice subsets. In addition, the report recommends that operators continually monitor network slices for malicious activity by using multiple network monitoring solutions.