New Risk Assessment Report from European Commission Highlights Potential 5G Security Risks

Reliance on any single supplier, whether Huawei or anyone else, is risky…:

[…] Roger Entner, Founder and Lead Analyst of Recon Analytics, emphasizes the importance of having multiple 5G security vendors: “Europe is finally understanding how single vendor systems pose grave threats to 5G security. 5G networks have more points of attack. The differentiation between edge and core is disappearing as the edge is being absorbed into the core. Single vendor deployments are exposing operators to incalculable risks as operators tie their success to the viability of their vendors. Furthermore, it becomes necessary to trust in the vendors to an even greater degree, as some are vulnerable to state actors and sponsors, including those who don’t share our democratic principles.”

For that reason, the 5G security report also suggested that all of the Member States begin to build up “European industrial capacity,” in terms of companies and other entities or organizations that are capable of providing software, networking equipment, lab testing capabilities, and conformity evaluations. What this means in practical terms is that a single large tech giant – such as Huawei – will not be able to force its will upon any of the Member States by the sheer fact of its overall market power. Far better to rely on a trusted European vendor than a potentially untrustworthy non-EU vendor, right?

Of course, the 5G security report outlined many of the classic cybersecurity risks facing any 5G network rollout, albeit at a very high level. For example, the report specifically noted that 5G networks are very dependent on software for their working, and thus, Member States should pay particular attention to potential software flaws or security weaknesses. In addition, the report specifically noted that the very nature of 5G network architecture meant that some networking equipment – such as base stations – are potentially overly sensitive and need to be monitored with much greater oversight.

[…]

Original article here