WASHINGTON — A group of top U.S. national security agencies warned Monday in a report that adversarial nations’ influence on 5G standards is a major threat to securing advanced communications networks of the future.
Standard-setting bodies for 5G technology are vulnerable to “undue influence” from adversarial nations that want to boost proprietary technologies and limit future interoperability with other technologies, said the report by the National Security Agency, the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security and the Office of the Director of National Intelligence. The report did not name China, but the primary technology competitor for the U.S. has flooded international standards oversight bodies with recommendations, according to news reports.
The Pentagon is spending hundreds of millions of dollars at military bases across the country on 5G experiments, such as smart warehouses and advanced radars. The more powerful and faster networks will be able to handle far more connected devices.
Standards-setting bodies, such as Internet Engineering Task Force and the International Telecommunication Union, set technical standards and security controls that would impact the design and architecture of emerging technologies, including autonomous vehicles and edge computing, technologies that the military needs for future wars.
“Given the impact that these decisions have on implementing and adopting 5G technologies, it is critical that international standards and policies are open, transparent, and consensus driven,” the report stated.
The report outlined an array of other threats to fifth-generation communications networks, including the supply chain risks for 5G equipment and insecure network architectures, as 5G networks start to become operational.
“These developments also introduce significant risks that threaten national security, economic security, and impact other national and global interests. Given these threats, 5G networks will be an attractive target for criminals and foreign adversaries to exploit for valuable information and intelligence,” the report stated.
The report also said that nation-states could try to quickly adopt emerging technology to become dominant in 5G, potentially forcing U.S. companies to use untrusted suppliers in their networks.
The report added, “Undue influence from nation-states in sector specific or emerging technology standards, can negatively affect the competitive balance within the 5G market, potentially limiting the availability of trusted suppliers and leading to a situation where untrusted suppliers are the only options.”
China tries to shape standards in its favor by submitting mass amounts of proposed technical standards to governing bodies, getting many adopted, according to Nikkei, a Japan-based financial news organization. The U.S. government has grave concerns about the products made by Huawei, a Chinese-based telecom company and a worldwide leader in 5G equipment, because of its ties to the Chinese government. The federal government has banned U.S. companies from doing business with Huawei.
The U.S. is particularly concerned about Huawei-supplied hardware, and the report cited untrusted components as a specific 5G supply chain risk. These components could contain malicious code or backdoors that a hostile actor could access U.S. or allied networks and steal data.
“Flaws or malware inserted early in the development phases are more difficult to detect and could lead to the developer marking the component as legitimate through digital signatures or other approvals,” the report stated. “These vulnerabilities could then later be exploited by malicious actors.”
Andrew Eversden covers all things defense technology for C4ISRNET. He previously reported on federal IT and cybersecurity for Federal Times and Fifth Domain, and worked as a congressional reporting fellow for the Texas Tribune. He was also a Washington intern for the Durango Herald. Andrew is a graduate of American University.