search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Cybersecurity


infrastructure, the fact that vulnerabilities might be related to hardware and software, or deficiencies in the related processes and policies. “These potential vulnerabilities are exacerbated in the case of 5G due to the complexity of its technology and their reliance on software and on network function virtualisation,” Calderon explains, “which in turn can make networks exposed to back doors accessible to equipment vendors or third parties.” Similarly, additional vulnerabilities might arise from the lack of compliance with 5G standards or the incorrect implementation of said standards, which contribute to single-vendor implementations – “a major security risk”, according to Calderon – with associated supply chain risks.


A non-technical vulnerability stems from the increasing role of services provided by suppliers, Calderon adds. They can be subjected to interference by third countries, particularly in the absence of legislative or democratic safeguards, change of corporate ownership from the supplier, or exposure to supply chain disruptions.


“The topic is complex but fascinating for me and my CTO team,” he says. “Nations are more aware of the cybersecurity risks of 5G networks and the need to make them resilient through the implementation of risk mitigation measures, the promotion of standardisation of network architectures, and the implementation of open interfaces, among other measures.”


Participation in 5G standardisation efforts


While standardisation of mobile standards is not new to 5G, it remains the key success factor that allows for the mass deployment and adoption of mobile services in modern societies since second- generation information management and technology (IMT) standards, Calderon explains. Since 2022, the NCI Agency has been a member of ETSI standard organisation and, as a result, a part of the 3rd Generation Partnership Project (3GPP) – an umbrella term for a number of standards organisations that develop protocols for mobile telecommunications – enabling the agency to participate and observe standardisation efforts in 5G and its evolutions. With 5G, however, unlike with past generations of mobile standards, the development of IMT standards was performed by industry verticals and new non- traditional actors for the first time – including the transportation industry, emergency services and industrial application users. In particular, Calderon adds, defence users have an outsized interest in influencing 5G standardisation, as future IMT standards – from 5G evolutions to future 6G standard releases – will also be used for defence applications. However, as defence applications and use cases are considered niche when compared to mass-market


civil applications, it is essential that defence users at standardisation bodies ensure that technical features and functional requirements – like SideLink, which allows push-to-talk type of functionality in tactical communications – are pursued in standardisation, and development and implementation by industry. “Additionally, 5G standardisation and compliance of 5G implementations to standards helps reduce the vulnerabilities of commercial implementations,” notes Calderon. “They enable multi-vendor deployments with controlled interfaces and verification points that allow the use of security controls, monitoring practices and exposure to backdoor risks, especially in the context of public 5G infrastructure. “The main benefit for defence applications is that the participation in 5G standardisation efforts facilitates the exploitation of their interoperability and their potential for the development and implementation of gap-filling, cost-effective communication capabilities,” he adds. An example of the NCI Agency’s work with 5G is Nato’s 5G exercise run by Allied Command Transformation and Latvia. During the exercise, Calderon says, they demonstrated the use of 5G to provide long distance, low-latency, high throughput and interoperable communication services. These services were used to connect a variety of autonomous devices such as drones and land platforms, seamlessly, over long distances. Ultimately, this work, alongside the NCI Agency’s efforts to help Nato build digital resilience across its operations, will go a long way towards creating a safer, more collaborative security environment, benefitting civil operations just as much as their counterparts in defence. New and emerging technologies will continue to pose a threat while bringing transformational opportunities to the alliance in the future – it’s crucial, then, Nato is prepared to adapt to meet them both. Thankfully, the NCI Agency is here to ensure just that. ●


Defence & Security Systems International / www.defence-and-security.com


Nato member states are increasingly aware of the cybersecurity risks associated with 5G networks and the need to boost their resiliency.


29


SomYuZu/Shutterstock.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45