NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) hosted an Informal Workshop on 5G Supply Chain and Network Security on 9 June 2021. The experts concluded that NATO needs a multinational effort for supply chain and network security of commercial and military 5G networks.
NATO has developed and implemented baseline requirements for telecommunications but an Alliance-wide military-grade criteria for supply chain and network security of public and private 5G networks is yet to be developed. A comprehensive understanding and awareness of 5G vulnerabilities, threats and risks must be shared across the Alliance and with partners. Security risks associated with 5G networks to NATO missions and operations must be well comprehended by strategic and political decision-makers, commanders and officers.
This project was started in early 2021 and will be completed in a year. The research reports will recommend secure ways and means for NATO militaries to operate through commercial and private 5G networks, focusing on developing use cases and scenarios in specific operational environments. The research maps evidence-based vulnerabilities and risks to selected use cases across the whole life-cycle, including those stemming from open source software and interconnectivity to commercial providers´ networks and systems, and identifies procedures and methods to mitigate them. The CCDCOE project team will continue refining research objectives and developing the agreed deliverables throughout the year bringing together subject matter experts from various NATO bodies, NATO and partner nations, as well as academia and industry.