Next-generation telecommunications services based on 5G promise faster mobile broadband, massive IoT connectivity, and ultra-reliable, low latency communications, helping to realize everything from pervasive fixed wireless Internet access to connected industries and smart cities. At the same time, the services based architecture inherent to 5G will enable network operators to simplify infrastructure management, automate service delivery, and generate new streams of revenue from tailored enterprise offerings. 5G presents a foundation for building smart nations and powering economic growth, but this foundation is fraught with risk as 5G architectural characteristics and anticipated use cases open up a significantly larger attack surface1. It is crucial that governments and industry partner to engineer cybersecurity defenses into 5G infrastructure with the goal of protecting critical services and realizing 5G’s full social and economic potential.
This paper provides high-level insights regarding 5G cybersecurity risks to an operator’s core network infrastructure and presents six key recommendations for strengthening 5G against cybersecurity threats. These recommendations inform a security architecture strategy that builds on inherent security services defined in the 5G standard. This paper does not specifically address security within the user access environment, though much of the guidance would still apply as best practices for strengthening enterprise, industrial, and IoT networks that leverage 5G services.