Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

FCC to Focus Efforts on 5G, Software and Cloud Service Vulnerabilities

Former Chairman of the Federal Communications Commission (FCC), Ajit Pai, resigned on the day of President Biden’s inauguration. He was replaced by Acting Chairwoman Jessica Rosenworcel, who last month delivered her first major action by fining Texas based telemarketers a record $225 million.

Former Chairman of the Federal Communications Commission (FCC), Ajit Pai, resigned on the day of President Biden’s inauguration. He was replaced by Acting Chairwoman Jessica Rosenworcel, who last month delivered her first major action by fining Texas based telemarketers a record $225 million.

Last Thursday (April 15th), Rosenworcel made a statement on future priorities by reestablishing the Communications, Security, Reliability, and Interoperability Council (CSRIC) with a focus on 5g networks and software and cloud services vulnerabilities.

“I am committed to working with our federal partners and the private sector to increase the security and resiliency of our nation’s communications networks,” she said in a statement. “That is why I am refocusing and revitalizing the FCC’s Communications, Security, Reliability, and Interoperability Council for the challenges of today and tomorrow. The damage from recent supply chain attacks, like the SolarWinds software breach, demonstrates our need for a coordinated, multifaceted, and strategic approach to protecting our networks from all threats.”

CSRIC provides recommendations to the Commission on how to improve the security, reliability, and interoperability of the nation’s communications systems.

5G is the next generation of mobile communications, and mobile phone companies began to deploy it in 2019. It has been predicted that there will be more than 1.7 billion subscribers by 2025, and that it will eventually achieve speeds of up to 10 gigabits per second. 

One inevitable effect of this increased bandwidth is that it will attract vast amounts of data onto the airwaves – both commercial data to be shared between distributed offices and IoT-collected data.

But there are huge concerns over the security of 5G. Politically, those concerns focused on Huawei and its 5G equipment – but the security issues are more systemic. 5G is not replacing 4G wholesale, but is being built on top of 4G. This means that 5G is likely to be susceptible to all the current security vulnerabilities found in 4G; and in some cases, even those found in 2G and 3G.

Related: 5G Security Flaw Allows Data Access, DoS Attacks

Advertisement. Scroll to continue reading.

Related: 5G Security Risk vs. Reward

Related: Vulnerabilities in Standalone 5G Networks Expose Users to Attacks

Related: GTP Vulnerabilities Expose 4G/5G Networks to High-Impact Attacks

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...