EU working on certification for 5G security

Get a free Techzine subscription!

Enisa, the cybersecurity agency of the European Union, has announced that it is working on a cybersecurity verification scheme for 5G. It should help the EU to secure mobile networks against possible threats.

Telecompaper writes that Enisa is working on a certification process for 5G equipment, which will become part of the ‘toolkit’ of measures the EU has at its disposal to secure the new network. The authority is inviting 5G experts to join the working group that Enisa will set up to develop the scheme.

Enisa

Enisa, also known as the European Network and Information Security Agency, deals with certificates for the security of standard products. The organisation can also certify specific products at the request of the European Commission.

Vulnerabilities

At the end of 2020 several parties, including Enisa, warned about the dangers of 5G networks. Security specialist Positive Technologies thinks that the networks can be hacked because of as yet unresolved vulnerabilities. Positive Technologies mainly highlights two vulnerabilities, one in the HTTP/2 protocol and one in the PFC protocol. Enisa warns mainly about vulnerabilities in the underlying technology stack, especially in the radio access and core layers.

Patchwork quilt

The rollout of 5G in Europe is not exactly progressing fast. There is already almost nationwide coverage in some countries, while in others the rollout has yet to begin. That’s why Apple CEO Tim Cook recently described the coverage in Europe as ‘a patchwork quilt’. Research company Gartner expects the wider rollout of 5G in 2021 to lead to a significant increase in smartphone sales.