NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Safety Tips

Federal cybersecurity agencies have reached out to network equipment original equipment manufacturers and stressed the importance of building hardware-level trust in their latest guidance on securing the widely virtualized IT architectures that are expected to prevail. in the future.

“Going down from the hardware device level, ensuring the integrity of the container stack (worker nodes, Kubernetes cluster and containers) is essential to prevent attacks and deny cyber actors the ability to persist,” read the published guidelines. by the National Security Agency and the National Security Agency. Cybersecurity and Infrastructure Security Agency Thursday.

The document on ensuring the integrity of infrastructure and cloud resources, such as image files called containers because they contain all the code needed to run an application, is the final installment in a four-part series that agencies have produced on 5G security.

Other publications in the series dealt with detecting and preventing lateral movement through networks, effectively isolating network resources and protecting data in transit, in use, and at rest.

Throughout the series, the NSA and CISA detail mitigation measures for complex cloud environments where multiple tenants may share threats and the responsibility for various security procedures may be unclear between end users, developers. applications and other service providers.

To address this issue, “the audience for each set of recommendations will be identified throughout the series, providing a layered approach to creating hardened 5G cloud deployments,” the agencies said.

The first three posts recommend actions for cloud providers, mobile network operators, and customers. The fourth document is not intended for customers and adds original equipment manufacturers. OEMs include companies like CISCO and others that you less rarely hear about because they operate further down the supply chain.

But as last year showed, adversaries have pursued attacks through fundamental vendors given the greater impact they can have. And the NSA and CISA are highlighting ways to establish a demonstrable chain of trust that begins with firmware, software that’s built into hardware.

“Servers, storage, and network devices form the cloud infrastructure platform on which the cloud-native 5G core is deployed,” the agencies wrote. “Existing node threat mitigation measures are often rooted in firmware or software, making them vulnerable to the same attack strategies. For example, if the firmware can be operated successfully, the firmware-based security controls can most likely be bypassed in the same way. “

The guide lists the National Institute of Standards and Technology Special Publication 800-193 as a resource with specific controls describing how to establish “a method where each software module in a system boot process is required to measure the next module before moving on.” Control”. for example in the technology stack.

One of the keys will be making sure the firmware can be updated, the agencies said, adding that “designers and network operators should choose devices that provide NIST guided protection, discovery and recovery. SP 800-193 of all firmware compatible with rootkits “.

The 5G security series emerged from the sustainable security framework. The group includes representatives of the information and communications technology industry as well as defense and government industrial base companies.

Source link

About Ferdinand Caldwell

Check Also

Samsung Galaxy M33 5G specs spotted on Geekbench

Samsung Galaxy M33 5G visits Geekbench with key specs As shown in the Geekbench database …