New recommendations were released by the NSA and CISA to help cloud service providers, mobile network operators and core network equipment vendors ensure that 5G networks are secure against threat actors planning attacks that would deny access or compromise data, BleepingComputer reports.
The guidance aims to minimize 5G networks’ vulnerabilities in case a 5G cloud system has already been breached, by preventing lateral movements by attackers. This can be done by implementing secure identity and access management protocols, ensuring that 5G cloud software is updated and protected from known vulnerabilities, ensuring that the 5G cloud networking is configured securely, keeping isolated network functions from communicating, watching out for signs of adversarial lateral movement and implementing analytics designed to detect adversarial presence.
Three more parts of the security guidance are forthcoming, each of which focuses on securely isolating network resources; protecting data that are in-use, at rest or in transit; and ensuring 5G infrastructure integrity, respectively.
Cloud environments are being compromised by APT29 not only through previously breached access service account credentials but also via old employee accounts that were not disconnected by organizations.