Connect with us

Hi, what are you looking for?


Mobile & Wireless

U.S. Warns of 5G Wireless Network Security Risks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an infographic underlining some of the risk factors associated with 5G wireless networks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an infographic underlining some of the risk factors associated with 5G wireless networks.

Building upon existing 4G Long-Term Evolution (LTE) infrastructure, 5G is designed to improve bandwidth, capacity, and reliability of wireless broadband services. The technology is intended to meet increasing data and communication requirements, offering capacity for tens of billions of connected devices. 

While 5G is expected to deliver a broad range of improvements and a better user experience, supply chain, deployment, network security, and competition and choice vulnerabilities could negatively impact the security and resilience of 5G networks, CISA says. 

In a recently published infographic, the agency details upon these risks, presenting what in its opinion represent points of vulnerability in 5G networks. 

“The 5G supply chain is susceptible to the malicious or inadvertent introduction of vulnerabilities such as malicious software or hardware; counterfeit components; and poor designs, manufacturing processes, and maintenance procedures,” CISA’s infographic reads (PDF). 

With untrusted entities providing hardware, software, and services for 5G networks, the risk of network asset compromise is increased, and this could impact confidentiality, integrity, and availability of data, CISA says. 

The agency also notes that, even if U.S. networks are secure, U.S. data remains at risk when traveling overseas through untrusted telecommunications networks. 

Advertisement. Scroll to continue reading.

Potential security issues residing in the deployment of 5G networks include an increased attack surface, due to both a larger number of information and communication technology (ICT) components used compared with previous generation of wireless networks, and to locally-built networks, the infographic says. 

“Improperly deployed, configured, or managed 5G equipment and networks may be vulnerable to disruption and manipulation,” CISA notes. 

Not only will 5G networks be, in some cases, integrated with 4G LTE networks that contain some legacy vulnerabilities, but the new technology too may introduce unknown vulnerabilities, which could impact the new networks regardless of the amount of security built into them, the agency notes. 

In some cases, vendors such as Huawei build proprietary interfaces into their technologies, which limits customers’ abilities to use other equipment, forcing customers to either continue using an untrusted supplier or to completely replace existing equipment, the agency also points out. 

“Lack of interoperability may also make it difficult for trusted companies to compete, potentially limiting their ability to invest in R&D and eventually driving them out of the market,” CISA says. 

The compromise of various elements that constitute a 5G network, the agency also notes, could result in data interception and compromise, or even in disrupted data and services at a large scale. 

Related: The Time is Now to Secure for 5G

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.