Saturday, September 26

Rise of 5G drives intelligence community to refine cyber threat information sharing practices

The rise of next-generation 5G capabilities will enable data speeds 100 times faster than current-generation 4G networks and a foundation to connect millions of Internet of Things-enabled devices.

But while 5G could have major implications for the economy, intelligence and cybersecurity agency officials warn that moving more core functions to the edge of networks could create a larger attack surface for adversaries and introduce more vulnerabilities into agency systems, the defense industrial base and national critical infrastructure.

Constance Taube, the deputy director of the National Counterintelligence and Security Center, said the intelligence community has seen a rise in “blended operations” that combine supply-chain vulnerabilities with insider threats and other cyber threats.

“The capabilities that 5G brings will increasingly blur the lines between the physical world and the virtual, thus it is more important than ever to secure what you’re doing online and your data that resides online,” Taube said Wednesday during an INSA webinar. “With all the advances and opportunities that 5G brings, so too does it bring vulnerabilities that go beyond what already exist with 4G and its predecessor networks.”

As the intelligence community reassesses the scope of emerging threats, Taube said supply chain vulnerabilities for critical infrastructure industries – including telecommunications, banking and energy – carry the highest level of risk and require a commensurate level of protection.

But in response to that threat, Taube said NCSC is in the process of “working out a repeatable process” that will streamline how the federal government shares cyber threat information with industry partners.

Agencies have spent considerable effort over the past few years to improve lines of communication to prevent and respond to a major cyber-attack, and Taube said the intelligence community as a result is in a much better position to send and receive cyber threat information.

“When we have threat information, it is worse to have it and not use it than it is to not have it. We’re cognizant of that and we are very carefully and mindfully working in the information-sharing space,” she said.

To mitigate supply chain threats, the intelligence community has spent the past few years building up trusted vendors. To that end, Taube said the Chinese telecoms company Huawei “falls short” of standards for transparent ownership, ethical corporate behavior and adherence to best practices on security.

“The critical need for trust in a telecoms provider, especially when there are so many vulnerabilities that 5G will bring can’t be overstated. And in short, the company Huawei epitomizes concerns about the dangers of networks that can be manipulated, disrupted or controlled by authoritarian governments with no democratic checks or balances, no regard for human rights, privacy or international norms,” she said.

Bob Kolasky, the director of the Cybersecurity and Infrastructure Security Agency’s National Risk Management Center, recounted the Department of Homeland Security’s ban of Kaspersky Lab products as a sign of progress in building a trusted marketplace of vendors, but said CISA still has challenges convincing industry partners, as well as state and local governments, to take similar actions.

“We want to be somewhat public in the steps we’ve taken because we think that incentivizes and encourages other critical infrastructure companies, state governments, private sector critical infrastructure companies to look at what the federal government is doing,” Kolasky said.

While the coronavirus pandemic drew national scrutiny to the supply chains of personal protective equipment and other medical supplies, Taube said it has also brought public attention to the “downsides of supply chains that are not diverse as perhaps they should be.”

“In cybersecurity, we always want layered approaches to security. We always say that diversity is your friend. In supply chain issues, that concept is likewise valid, and I think what we have learned during the COVID crisis is that we are so deeply integrated in terms of supply chains on critical areas that we may want to rethink are re-adjust maybe just a little bit to ensure that when we are in crisis periods, we are well-positioned to get through the crisis without a reliance on partners that might not gain full trust,” she said.

The scrutiny around Huawei comes after last year’s National Defense Authorization Act highlighted five companies – including Huawei – that raise concerns for government networks. As of August, the NDAA provision banned federal contractors from using Huawei products.

In March, President Donald Trump signed the Secure 5G and Beyond Act that required the White House to develop a strategy for the adoption of secure wireless communications technology in the United States.

The Secure and Trusted Communications Networks Act, which was also signed in March, also provides funding to replace Huawei 5G infrastructure with approved products.

“Huawei, thanks to their government funding, has been able to provide very inexpensive capabilities to rural telecoms, which are generally speaking not a high-profit area for telecommunications companies,” Taube said.