Industry, government and public-interest groups unite over 5G security

From open RAN to wireless emergency alerts, the FCC's new Communications Security, Reliability, and Interoperability Council (CSRIC) plans to look at security and 5G networks.

Mike Dano, Editorial Director, 5G & Mobile Strategies

September 22, 2021

3 Min Read
Industry, government and public-interest groups unite over 5G security

The eighth iteration of the FCC's Communications Security, Reliability, and Interoperability Council (CSRIC) met for the first time Wednesday to go over the group's duties for the next two years.

The new effort is an attempt by the US government to bring together a variety of stakeholders across the 5G industry – including public-interest groups, equipment vendors, service providers, trade associations and related government officials – to address a wide range of security issues.

"No entity is immune from this threat," FCC Acting Chairwoman Jessica Rosenworcel said in comments to the group. "This needs our attention, because enough is enough."

Rosenworcel noted in her introductory remarks that attacks against telecommunications companies and infrastructure have been on the rise. She specifically pointed to recent hacks involving SolarWinds and KPN. She also mentioned a hack into a "nationwide wireless carrier" involving 40 million customers, though she did not name the operator. She likely was referring to the massive hack into T-Mobile's systems that, according to The Wall Street Journal, was perpetrated by a 21-year-old American in Turkey.

"I could go on," Rosenworcel said of such hacks, noting that "our defenses need to evolve and improve."

As a result, the CSRIC VIII is tackling the topic of security – with a focus on 5G – through six specific working groups:

  • 5G Signaling Protocols Security, which will look into the details around the 5G transmission standard, building on previous FCC efforts to look into other cellular signaling technologies including SS7 and Diameter protocol. AT&T is among the companies participating in this group.

  • Promoting Security, Reliability, and Interoperability of ORAN Equipment, which will investigate security technologies in nascent open RAN standards. Mavenir is among the companies participating in this group.

  • Leveraging Virtualization Technology to Promote Secure, Reliable 5G Networks, which will look at security issues around virtualized network functions and software-defined networking. Dell Technologies and Microsoft are among the companies working in this group

  • 911 Service Over Wi-Fi, which will look at how 911 calls might be conducted over other networks, including Wi-Fi.

  • Managing Software & Cloud Services Supply Chain Security for Comm. Infrastructure, which will look at how to secure the equipment supply chain for 5G and other telecom products.

  • Leveraging Mobile Device Applications and Firmware to Enhance WEA, which will look at ways to improve the delivery of emergency alerts.

There are dozens of executives and officials in CSRIC VIII, including Billy Bob Brown, Jr. of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA); Colin Andrews of the Telecommunications Industry Association (TIA); Donna Bethea-Murphy of Inmarsat; Brian Daly of AT&T; Harold Feld of Public Knowledge; Stephen Hayes of Ericsson; Javed Khan of Altiostar Networks; and Steve Watkins of Cox Communications.

Security issues have long dogged the global telecom industry and the cellular industry, too, particularly as cellphones have shifted from nice-to-have devices to ones critical to modern digital life. Further, a number of other government organizations have tackled the topic of 5G security in recent years, including the National Institute of Standards and Technology's (NIST), DHS' Information and Communications Technology Supply Chain Risk Management Task Force (ICT SCRM Task Force) and the National Telecommunications and Information Administration's (NTIA) Communications Supply Chain Risk Information Partnership (C–SCRIP).

Thus, the latest version of the FCC's CSRIC group represents yet another step in a long line of moves by both industry and government focused to prevent hacks into telecom networks, including 5G networks.

Related posts:

Mike Dano, Editorial Director, 5G & Mobile Strategies, Light Reading | @mikeddano

About the Author(s)

Mike Dano

Editorial Director, 5G & Mobile Strategies, Light Reading

Mike Dano is Light Reading's Editorial Director, 5G & Mobile Strategies. Mike can be reached at [email protected], @mikeddano or on LinkedIn.

Based in Denver, Mike has covered the wireless industry as a journalist for almost two decades, first at RCR Wireless News and then at FierceWireless and recalls once writing a story about the transition from black and white to color screens on cell phones.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like