“When wireless is perfectly applied the whole earth will be converted into a huge brain, which in fact it is, all things being particles of a real and rhythmic whole.”
– Nikola Tesla, 1926.
Little did Nikola Tesla realize in 1926 that nearly 100 years later the interconnected nature of robust telecommunications and information technology sectors would already closely resemble his prediction. As society becomes more interconnected, the public and private sectors must work together to tap the benefits promised while defending against pitfalls. The evolution of mobile communication networks plays a central role in this balancing act. Implementation of the fifth generation (5G) mobile network infrastructure increases data rates, allows for near real-time interactivity, and builds network capacity. While these developments improve the user experience, they also create opportunities that malicious actors will inevitably seek to exploit. To anticipate and mitigate 5G exploitation efforts, this paper highlights the physical and software-related vulnerabilities of 5G infrastructure.
Brief History of Telephony
Beginning in 1837 with the invention of the telegraph system, early telephony revolved around the idea of removing the barrier of distance and facilitating reliable contact but relied on physical wires. After the advent of the telephone, the first public telephone exchange was established in 1878, then telephone networks spread in metropolitan areas, then outlying areas, and finally into rural areas. As radio design advanced in the 1940s, the concept of the radiotelephone increased the feasibility of a wireless telephone system. Popular in the 1970s, Citizens Band radios, known as “CB” radios, represented a common application of radiotelephone technology. The open nature of the radiotelephone invited eavesdropping, highlighting the enduring struggle telecommunications providers and customers face in protecting privacy. In 1977, the United States took a major step in establishing wireless communications systems when the Federal Communications Commission (FCC) issued the first experimental cellular licenses. Providers divided their service areas into hexagonal-shaped cell-like regions, from which cellular technology derived its name, to efficiently maximize coverage using the fewest cells possible. This opened the gateway to an evolution of wireless communications and its advancement toward 5G.
The Evolution of Mobile Communications Networks
While the technology and infrastructure supporting mobile communications networks evolves continuously, the release of a new generation occurs roughly once a decade. Launching in 1979, the first generation (1G) of mobile network technology supported analog telecommunications, followed by the introduction of text messaging with the release of the second generation (2G) in 1991, mobile and wireless internet connection with the release of third generation (3G) in 1998, increased speeds to support the growing mobile data demand with the release of the fourth generation (4G) and its long-term evolution (LTE) improvement in 2008, and exponential bandwidth growth with the release of the 5G in 2019. In just over 40 years, mobile communications network capabilities have evolved exponentially from exclusively supporting voice communications to facilitating connectivity for an endless array of applications.
The capabilities of 5G are speeding up data rates, supporting near real-time interactivity, and increasing network connectivity. By improving data speed, lowering latency, and expanding capacity, these networks enable upgraded mobile broadband, facilitate the growth of the Internet of Things (IoT), and present opportunities for use cases in mission-critical contexts. Use cases like smart cities, industry automation, autonomous vehicles, virtual/augmented reality, and telemedicine exemplify this paradigm shift. 5G’s expanded use of wireless spectrum across low-band, mid-band, and high-band frequencies accelerates data transmission. Illustrating the enabling factor of lower data latency, the average delay between the sending of information and the corresponding response decreased from 200 milliseconds with 4G to one millisecond with 5G. These 5G capabilities, combined with an increased network capacity, permit billions of new devices, sensors, and systems to connect to the network.
To enable 5G capabilities, the mobile communications infrastructure requires an enhanced Radio Access Network (RAN) and a shift to a decentralized core network. A simplified overview of 5G wireless network operations begins with devices transmitting radio waves to the core network through base stations that make up the RAN. To boost data speed and lower latency, 5G requires the RAN to expand its number of small cell base sites. These base sites include macrocells, microcells, picocells, and femtocells. In use for years already, macrocells are not a new component of the RAN. Typically mounted on towers 50 to 200 feet high to avoid obstruction of the signal, macrocell coverage extends up to a few miles from the tower. Small cells like microcells, picocells, and femtocells complement macrocells and strengthen signals in obstructed areas. Small cells only provide coverage for a range of 32 feet to just over a mile, enable high-speed connectivity through millimeter wave (mmWave) frequency, and are deployed on walls, lamp posts, or other existing infrastructure.
Due to historic investments by wireless providers and federal infrastructure siting reforms, the rollout of 5G across the United States happened twice as fast as 4G, but the transition to end-to-end 5G service remains unfinished. At the end of 2021, the United States had 418,887 operational cell sites, not including the addition of new 5G base stations that wireless providers build onto existing cell sites to continue the rollout of 5G. Although this represents progress, that number falls short of the 800,000 small cells FCC Commissioner Jessica Rosenworcel estimates the United States requires to modernize wireless infrastructure and fully enable 5G capabilities. Providers have rolled out 5G using the non-standalone (NSA) and standalone (SA) deployment methods. The NSA method builds on the existing 4G LTE core network to enable enhanced Mobile Broadband (eMBB) technology by using next generation Node B (gNB) to improve data transmission speed. While this increases the peak data rate, the core network remains centralized, leaving the transition to a decentralized, software-defined (SD) RAN incomplete. The SA method transitions to a cloud-native 5G core to enable ultra-low latency and support advanced network-slicing functions to best support the growing number of devices on the network.
Regulatory System Vulnerabilities
As wireless providers continue deploying 5G technology, the regulatory, physical, and software-related infrastructure required to achieve its promising capabilities invites a variety of vulnerabilities. Many of these vulnerabilities can be traced back to a regulatory system that lags behind technological advancement and the accompanying informational gap between policymakers and the technology they oversee. Recognizing the importance of the enabling function provided by mobile communications infrastructure, the White House released the National Strategy to Secure 5G in 2020 followed by the release of the National Strategy to Secure 5G Implementation Plan in 2021. The National Strategy to Secure 5G identifies the large volume of data transmitted and processed by 5G, exploitation of the system for intelligence collection and surveillance, and attempts to disrupt or maliciously modify the public and private services relying on communications infrastructure as appealing targets for criminals and foreign adversaries. While this more forward-leaning policy stance marks growth in the strategic understanding of the role of 5G and future generations of mobile network technology, much work remains in bridging the gap between the public and private sectors.
As wireless providers build out the small cell base station network required to bring 5G capabilities to fruition, physical vulnerabilities surface through counterfeit or compromised components and supply chain risks. The decentralized nature of the 5G core network demands a high level of trust between 5G providers and companies delivering equipment and services. The requirement of a higher threshold of trust increases the level of scrutiny toward companies seeking to establish market control and provide end-to-end services. The competitive pool of network equipment providers includes Scandinavian companies Nokia (Finnish) and Ericsson (Swedish), South Korean company Samsung, and Chinese companies Huawei and ZTE. Concerns regarding threats to national security led the United States, Australia, Japan, and others to ban equipment from Chinese telecommunications companies within their individual 5G networks. The threats include cyber espionage, intellectual property theft, and the ability of the Chinese Communist Party to leverage Chinese national security laws to maliciously utilize equipment installed by Huawei and ZTE. However, the ban lagged behind deployment and American customers have already built in equipment of Chinese origin. Between 2015 and 2021, at least 1,681 state and local governments purchased equipment and services traced back to the five companies banned by Section 889 of the 2019 National Defense Authorization Act. While policymakers increasingly acknowledge these vulnerabilities, Chinese equipment and service providers have already gained a foothold in the 5G network.
5G Systems Architecture Vulnerabilities
As the 5G network design expands network capacity, extended integration time and the growing number of devices connected to the system increases the attack surface for those seeking to exploit the system. When providers use the NSA deployment method, which integrates 5G with 4G LTE network infrastructure, legacy vulnerabilities from 4G networks present an exploitation opportunity. One scenario imagined by the Enduring Security Framework 5G Threat Model Working Panel lays out how a threat actor can initiate a forced downgrade to a 4G configuration to access information and communications technology components, granting them access to sensitive data. The growing number of connected devices tied to the IoT raises the risk and impact of distributed denial-of-service (DDoS) attacks. Additionally, the persistent threat of eavesdropping still exists with vulnerabilities identified in the reuse of the 5G Access Stratum, Non-Access Stratum null-ciphering, and the optional use of Internet Protocol Security. The enhanced capabilities of 5G increase reliance on the network, which, in turn, magnifies opportunities for invasion of privacy and the effects of denial-of-service.
Attacks on Small Cells
Easily accessible and recognizable small cells that enable 5G present another vulnerability as threat actors can easily incapacitate them. The recent uptick in attacks on critical infrastructure shows that threat actors recognize the impact of the ripple effect they can cause by targeting single points of failure and other critical systems. For example, on December 14, 2020, an individual severed the main power cable to a cell phone tower ground station in Fairview, West Virginia, and removed the batteries from the primary and backup generator, impacting wireless coverage in three states. Within the same week, another individual broke into a cell tower site in Decatur, Tennessee, and cut fiber optic cables, disrupting service for approximately 12 hours. Attacks like these join a list of attacks carried out on 5G cell towers and telecommunications workers in Europe which was fueled in part by conspiracy theories that 5G caused COVID-19. While the growing number of 5G small cells establishes a high recoverability rating for the system, well-timed and targeted attacks can disable IoT devices that are increasingly becoming a part of our everyday lives, which in turn can cause second and third order effects like most outages.
The ongoing deployment of 5G brings with it myriad promising opportunities and vulnerabilities ripe for exploitation by malicious actors. These vulnerabilities highlight the ongoing need for the United States Government (USG) to work with the private-sector entities that operate on the front lines of 5G research, development, and implementation. Furthermore, the USG needs to support the efforts of global standards-setting bodies like the 3rd Generation Partnership Project, Internet Engineering Task Force, and the International Telecommunication Union to responsibly develop the technical standards and security controls governing the advancement of mobile network infrastructure and associated technologies. Efforts to identify and mitigate vulnerabilities must continue to evolve along with the ongoing development of mobile communications networks.
The author is responsible for the content of this article. The views expressed do not reflect the official policy or position of the National Intelligence University, the Office of the Director of National Intelligence, the U.S. Intelligence Community, or the U.S. Government.
- “2022 Annual Survey Highlights.” Cellular Telecommunications Industry Association. September 13, 2022. Accessed February 8, 2023. https://www.ctia.org/news/2022-annual-survey-highlights.
- “5G vs 4G: What’s the Difference?” Thales. June 15, 2022. Accessed February 8, 2023. https://www.thalesgroup.com/en/worldwide-digital-identity-and-security/mobile/magazine/5g-vs-4g-whats-difference#:~:text=For%204G%2C%20latency%20is%20on,developing%20new%20services%20and%20devices.
- “A guide to 5G small cells and macrocells.” Essentra Components. December 10, 2021. Accessed February 8, 2023. https://www.essentracomponents.com/en-us/news/industries/telecoms-data/a-guide-to-5g-small-cells-and-macrocells.
- Bacon, Madelyn. “DDoS attacks among top 5G security concerns.” TechTarget. May 2019. Accessed February 8, 2023. https://www.techtarget.com/searchsecurity/feature/DDoS-attacks-among-top-5G-security-concerns.
- Berman, Noah, Lindsay Maizland, and Andrew Chatzky. “Is China’s Huawei a Threat to U.S. National Security?” Council on Foreign Relations. February 8, 2023. Accessed February 8, 2023. https://www.cfr.org/backgrounder/chinas-huawei-threat-us-national-security.
- Chong, Celena. “The inventor that inspired Elon Musk and Larry Page predicted smartphones nearly 100 years ago.” Business Insider. July 6, 2015. Accessed February 8, 2023. https://www.businessinsider.com/tesla-predicted-smartphones-in-1926-2015-7.
- “CISA 5G Strategy: Ensuring the Security and Resilience of 5G Infrastructure In Our Nation.” S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency. 2020. Accessed February 8, 2023. https://www.cisa.gov/sites/default/files/publications/cisa_5g_strategy_508.pdf.
- Collins, Mark, et al. “Are you ready for 5G?” McKinsey & Company. February 22, 2018. Accessed February 8, 2023. https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/are-you-ready-for-5g.
- Corrigan, Jack, Sergio Fontanez, and Michael Kratsios. “Banned in D.C.: Examining Government Approaches to Foreign Technology Threats.” Center for Security and Emerging Technology. October 2022. Accessed February 8, 2023. https://cset.georgetown.edu/wp-content/uploads/CSET-Banned-in-D.C..pdf.
- Cui, Zhiwei, et al. “Security Threats to Voice Services in 5G Standalone Networks.” Security and Communication Networks2022 (2022). https://niu.idm.oclc.org/scholarly-journals/security-threats-voice-services-5g-standalone/docview/2712663185/se-2.
- Ekström, Hannes. “Non-standalone and Standalone: two standards-based paths to 5G.” Ericsson. July 11, 2019. Accessed February 8, 2023. https://www.ericsson.com/en/blog/2019/7/standalone-and-non-standalone-5g-nr-two-5g-tracks.
- Moss, Sebastian. “NYPD warns white supremacists and conspiracy theorists are targeting cell towers, critical infrastructure.” Data Center Dynamics. March 18, 2021. Accessed February 8, 2023. https://www.datacenterdynamics.com/en/news/nypd-warns-white-supremacists-and-conspiracy-theorists-are-targeting-cell-towers-critical-infrastructure/.
- Nakashima, Ellen. “DHS to advise telecom firms on preventing 5G cell tower attacks linked to coronavirus conspiracy theories.” The Washington Post. May 13, 2020. Accessed February 8, 2023. https://www.washingtonpost.com/national-security/dhs-to-advise-telecom-firms-on-preventing-5g-cell-tower-attacks-linked-to-coronavirus-conspiracy-theories/2020/05/13/6aa9eaa6-951f-11ea-82b4-c8db161ff6e5_story.html.
- “National Strategy to Secure 5G of the United States.” The White House. March 2020. Accessed February 8, 2023. https://www.whitehouse.gov/wp-content/uploads/2020/03/National-Strategy-5G-Final.pdf.
- Park, Seongmin, et al. “5G Security Threat Assessment in Real Networks.” Sensors21, no. 16 (2021): 5524. https://niu.idm.oclc.org/scholarly-journals/5g-security-threat-assessment-real-networks/docview/2565704290/se-2.
- “Potential Threat Vectors to 5G Infrastructure.” S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency. 2021. Accessed February 8, 2023. https://www.cisa.gov/sites/default/files/publications/potential-threat-vectors-5G-infrastructure_508_v2_0%20%281%29.pdf.
- “Protecting Against National Security Threats to the Communications Supply Chain Through FCC Programs – Huawei Designation.” Federal Communications Commission. June 30, 2020. Accessed February 8, 2023. https://docs.fcc.gov/public/attachments/DA-20-690A1_Rcd.pdf.
- Remmert, Harald. “What is 5G? Part 1 – Evolution and the Next Generation.” Digi International. August 13, 2019. Accessed February 8, 2023. https://www.digi.com/blog/post/what-is-5g-part-1-evolution-and-the-next-generatio.
- Rosenworcel, Jessica. “Dissenting Statement of Commissioner Jessica Rosenworcel.” Federal Communications Commission. 2018. Accessed February 8, 2023. https://transition.fcc.gov/Daily_Releases/Daily_Business/2018/db0322/DOC-349845A6.pdf.
- “Small Cell 5G Network Market Report.” Markets and Markets. August 2020. Accessed February 8, 2023. https://www.marketsandmarkets.com/Market-Reports/small-cell-market-216204568.html.
- Sungmoon, Kwon, et al. “Towards 5G-Based IoT Security Analysis Against Vo5G Eavesdropping.” Computing Archives for Informatics and Numerical Computation103, no. 3 (January 3, 2021): 425-447. https://niu.idm.oclc.org/scholarly-journals/towards-5g-based-iot-security-analysis-against/docview/2493883193/se-2.
- Wankhede, Calvin. “How fast is 5G in the real world? Compared against 4G LTE.” Android Authority. December 18, 2022. Accessed February 8, 2023. https://www.androidauthority.com/how-fast-is-5g-real-world-3249921/.
- Wikle, Thomas A. “Cellular Tower Proliferation in the United States.” Geographical Review92, no. 1 (January 2002): 45-62. https://doi-org.niu.idm.oclc.org/10.2307/4140950.
 Celena Chong, “The inventor that inspired Elon Musk and Larry Page predicted smartphones nearly 100 years ago,” Business Insider, July 6, 2015, Accessed February 8, 2023, https://www.businessinsider.com/tesla-predicted-smartphones-in-1926-2015-7.
 Thomas A. Wikle, “Cellular Tower Proliferation in the United States,” Geographical Review 92, no. 1 (January 2002): 48, https://doi-org.niu.idm.oclc.org/10.2307/4140950.
 Ibid, 49.
 Ibid, 49.
 Ibid, 49.
 “CISA 5G Strategy: Ensuring the Security and Resilience of 5G Infrastructure In Our Nation,” U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 2020, Accessed February 8, 2023, 2, https://www.cisa.gov/sites/default/files/publications/cisa_5g_strategy_508.pdf.
 Harald Remmert, “What is 5G? Part 1 – Evolution and the Next Generation,” Digi International, August 13, 2019, Accessed February 8, 2023, https://www.digi.com/blog/post/what-is-5g-part-1-evolution-and-the-next-generatio.
 Latency describes the delay in data transfer after the data transfer instruction was given.
 Mark Collins, et al., “Are you ready for 5G?” McKinsey & Company, February 22, 2018, Accessed February 8, 2023, https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/are-you-ready-for-5g.
 Calvin Wankhede, “How fast is 5G in the real world? Compared against 4G LTE,” Android Authority, December 18, 2022, Accessed February 8, 2023, https://www.androidauthority.com/how-fast-is-5g-real-world-3249921/.
 “5G vs 4G: What’s the Difference?” Thales, June 15, 2022, Accessed February 8, 2023, https://www.thalesgroup.com/en/worldwide-digital-identity-and-security/mobile/magazine/5g-vs-4g-whats-difference#:~:text=For%204G%2C%20latency%20is%20on,developing%20new%20services%20and%20devices.
 “CISA 5G Strategy: Ensuring the Security and Resilience of 5G Infrastructure In Our Nation,” U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 2020.
 Zhiwei Cui, et al., “Security Threats to Voice Services in 5G Standalone Networks,” Security and Communication Networks 2022 (2022), 3, https://niu.idm.oclc.org/scholarly-journals/security-threats-voice-services-5g-standalone/docview/2712663185/se-2.
 “A guide to 5G small cells and macrocells,” Essentra Components, December 10, 2021, Accessed February 8, 2023, https://www.essentracomponents.com/en-us/news/industries/telecoms-data/a-guide-to-5g-small-cells-and-macrocells.
 “2022 Annual Survey Highlights,” Cellular Telecommunications Industry Association, September 13, 2022, Accessed February 8, 2023, https://www.ctia.org/news/2022-annual-survey-highlights.
 Jessica Rosenworcel, “Dissenting Statement of Commissioner Jessica Rosenworcel,” Federal Communications Commission, 2018, Accessed February 8, 2023, https://transition.fcc.gov/Daily_Releases/Daily_Business/2018/db0322/DOC-349845A6.pdf.
 Kwon Sungmoon, et al., “Towards 5G-Based IoT Security Analysis Against Vo5G Eavesdropping,” Computing Archives for Informatics and Numerical Computation 103, no. 3 (January 3, 2021): 427, https://niu.idm.oclc.org/scholarly-journals/towards-5g-based-iot-security-analysis-against/docview/2493883193/se-2.
 Seongmin Park, et al., “5G Security Threat Assessment in Real Networks,” Sensors 21, no. 16 (2021): 5524, https://niu.idm.oclc.org/scholarly-journals/5g-security-threat-assessment-real-networks/docview/2565704290/se-2.
 Hannes Ekström, “Non-standalone and Standalone: two standards-based paths to 5G,” Ericsson, July 11, 2019, Accessed February 8, 2023, https://www.ericsson.com/en/blog/2019/7/standalone-and-non-standalone-5g-nr-two-5g-tracks.
 “National Strategy to Secure 5G of the United States,” The White House, March 2020, Accessed February 8, 2023, https://www.whitehouse.gov/wp-content/uploads/2020/03/National-Strategy-5G-Final.pdf.
 “Protecting Against National Security Threats to the Communications Supply Chain Through FCC Programs – Huawei Designation,” Federal Communications Commission, June 30, 2020, Accessed February 8, 2023, https://docs.fcc.gov/public/attachments/DA-20-690A1_Rcd.pdf.
 “Small Cell 5G Network Market Report,” Markets and Markets, August 2020, Accessed February 8, 2023, https://www.marketsandmarkets.com/Market-Reports/small-cell-market-216204568.html.
 Noah Berman, Lindsay Maizland, and Andrew Chatzky, “Is China’s Huawei a Threat to U.S. National Security?” Council on Foreign Relations, February 8, 2023, Accessed February 8, 2023, https://www.cfr.org/backgrounder/chinas-huawei-threat-us-national-security.
 Jack Corrigan, Sergio Fontanez, and Michael Kratsios, “Banned in D.C.: Examining Government Approaches to Foreign Technology Threats,” Center for Security and Emerging Technology, October 2022, Accessed February 8, 2023, https://cset.georgetown.edu/wp-content/uploads/CSET-Banned-in-D.C..pdf.
 Potential Threat Vectors to 5G Infrastructure,” U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 2021, Accessed February 8, 2023, https://www.cisa.gov/sites/default/files/publications/potential-threat-vectors-5G-infrastructure_508_v2_0%20%281%29.pdf.
 Madelyn Bacon, “DDoS attacks among top 5G security concerns,” TechTarget, May 2019, Accessed February 8, 2023, https://www.techtarget.com/searchsecurity/feature/DDoS-attacks-among-top-5G-security-concerns.
 Kwon Sungmoon, et al., “Towards 5G-Based IoT Security Analysis Against Vo5G Eavesdropping,” January 3, 2021.
 Sebastian Moss, “NYPD warns white supremacists and conspiracy theorists are targeting cell towers, critical infrastructure,” Data Center Dynamics, March 18, 2021, Accessed February 8, 2023, https://www.datacenterdynamics.com/en/news/nypd-warns-white-supremacists-and-conspiracy-theorists-are-targeting-cell-towers-critical-infrastructure/.
 Ellen Nakashima, “DHS to advise telecom firms on preventing 5G cell tower attacks linked to coronavirus conspiracy theories,” The Washington Post, May 13, 2020, Accessed February 8, 2023, https://www.washingtonpost.com/national-security/dhs-to-advise-telecom-firms-on-preventing-5g-cell-tower-attacks-linked-to-coronavirus-conspiracy-theories/2020/05/13/6aa9eaa6-951f-11ea-82b4-c8db161ff6e5_story.html.
 “Potential Threat Vectors to 5G Infrastructure,” U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, 2021.