security breaches through bad usage practices by personnel.[1] All of these issues and more apply to vendor maintenance computers. These support systems are rarely examined by security engineers, and yet they may be equipped with credentials that give them powerful abilities to insert vulnerabilities into the infrastructure.
Radio access network (RAN) vendors often dictate choices of core network infrastructure that manages traffic over backhaul links and across national fiber networks. They also provide core authentication services, the ability to perform legal intercepts, name server functionality and interconnection with the Internet. This control derives from vendor use of non-standard techniques to communicate and manage base stations and the overall radio network. As a result, an operator may have difficulty choosing non-Huawei core infrastructure for Huawei base stations. Multi-vendor networks are typically configured as islands of common vendor equipment, and if a vendor is found to have serious security issues, replacing that vendor in the infrastructure may require a near-complete rebuilding of the network.
5G core infrastructure has additional issues from functionalities like network “slicing” that exposes the network to non-operators. For example, if a virtual reality headset requires a managed slice of network infrastructure to communicate with a cloud-based gaming service, this increases the attack surface of the core network by enabling signaling and control to edge- and cloud-based compute entities.
5G Devices
In addition to 5G network infrastructure, DoD must also consider security risks associated with 5G devices. If the current trends of rising Chinese dominance in the wireless device market continues, Chinese vendors will continue to grow in market share and in sophistication, even if denied access to the U.S. market due to their device popularity with the rest of the world. To the extent U.S. forces deployed overseas use these devices, either for official business or for personal uses, DoD will have to address issues caused by their use.
Evidence of backdoors or security vulnerabilities have been discovered in a variety of devices globally. Many of these seem to be related to requirements from the Chinese intelligence community pressuring companies to exfiltrate information about domestic users. In a recent case, Nokia android handsets were discovered to have a backdoor that sent a variety of data to a network server located in the network of China Telecom.[2] Nokia had deliberately built this code into devices sold into China, but had then accidentally installed it onto all its other devices. In 2018, software from XIONGMAI, a Chinese camera vendor that manufactures security cameras, was found to have to an undocumented backdoor user named “tluafed” (“default” in reverse) that could access millions of cameras. This is believed to be related to a hash
- ↑ “Weapon System Cybersecurity, GAO, October 2018, https://www.gao.gov/assets/700/694913.pdf.
- ↑ Jerry Hildenbrand, “How does a phone maker ‘mistakenly’ collect user data and ship it off to a server in China?” androidcentral, March 23, 2019, https://www.androidcentral.com/how-does-company-nokia-or-oneplus-mistakenly-collect-user-data-and-ship-it-server-china.
