European Union prepares report on 5G network security issues

EU member states have posted a joint report assessing risks constituted by the 5G technology, which underlines high security risks and the need for a new approach to the provision of security of telecom infrastructure.
The report highlighted a number of “security issues, which may present themselves or become more pronounced in 5G networks” compared to mobile networks currently in use: the risks derive from the broader use of software in 5G mobile communication technologies, as well as software and applications to be launched in next-generation networks.

In the context of analysis of 5G implications, the report predicts, in particular:

• A higher exposure to attacks and an increased number of potential points of criminal access. Considering the high degree of 5G networks’ reliance on software, they face higher risks of security flaws, such as bad software development processes amongst suppliers. They also facilitate the creation of product backdoors by criminals and complicate their detection.
• Due to new characteristics of 5G network architecture and new functionalities, certain elements of network equipment, such as base stations or key functions of network technical administration, become more sensitive.
• In the context of higher exposure to attacks coming from 5G communication providers, the risk profile of individual operators will acquire particular significance, including a possibility of a supplier’s exposure to interference by a non-EU country.
• In addition to the confidentiality threat, 5G networks will become a foundation of many critical IT applications, and the integrity and accessibility of these networks will pose a major problem of EU national security.

The report is the first step towards preparing an EU response to the provision of 5G network security. A package of tools is due to be created by December 31 to eliminate exposed risks on the national level and on the level of the European Union as a whole.