A comprehensive, EU-wide 5G security risk assessment has identified the most pressing potential challenges posed by 5G networks.
The report, based on individual 5G security risk assessments conducted by each EU Member State with support from the European Commission and the European Agency for Cybersecurity, forms part of a recommendation adopted by the Commission in March this year aimed at safeguarding high standards of 5G network security. As 5G connectivity becomes increasingly widespread across the EU, the Commission has highlighted the need to boost the resilience of networks against cyber-attacks and other untoward events.
Drawing on the national 5G risk assessments conducted by the EU’s Member States, the report highlights potential challenges to the cybersecurity of 5G networks including:
- Widespread 5G connectivity will offer increased entry points for hackers, while certain technological elements – including physical equipment and functions – may become more sensitive and by extension more vulnerable to attacks;
- Due to the reliance of mobile network operators on suppliers, potential attacks and exploits aimed at suppliers, particularly those based outside Europe, may increase both in severity and impact; and
- As 5G connectivity becomes more widespread, businesses and governments will become increasingly reliant on 5G networks, meaning that hacks and network failures could lead to major national security concerns.
The report says: ‘This report identifies a number of important security challenges, which the advent of 5G networks are likely to give rise to or intensify, while taking into account the evolving nature of the 5G technology and environment. While 5G networks technology and standards will also bring certain security improvements compared with previous network generations, several important challenges derive from the novel features in the network architecture and the wide range of services and applications, which may in the future rely extensively on 5G networks. These security challenges are also linked to the greater access of third-party suppliers to networks and to interlinkages between 5G networks and third party systems, as well as to the degree of dependency on individual suppliers.’
The European Agency for Cybersecurity is in the process of developing its own 5G security risk assessment, which will consider the technical hazards of 5G in greater depth.