Government watchdog urges policymakers to boost cybersecurity for 5G networks

The Government Accountability Office (GAO), a federal watchdog agency, recommended this week that policymakers consider creating cybersecurity standards to ensure a safe rollout of fifth generation, or 5G, wireless networks.

In a report made public Tuesday, the agency detailed “capabilities and challenges” involved in the buildout of 5G networks, making a number of recommendations aimed at scaling up cybersecurity, spectrum availability, and consumer data privacy, along with addressing potential consumer health concerns stemming from 5G radio waves. 

“5G networks introduce new modes of cyberattack and expand the potential points of attack,” the GAO report reads, also noting that “5G networks will exacerbate existing privacy concerns.”

The watchdog agency wrote that as a result, “policymakers could support” nationwide cybersecurity monitoring of 5G networks, along with considering adopting 5G network cybersecurity requirements. 

“Taking these steps could produce a more secure network,” the agency wrote. “Without a baseline set of security requirements the implementation of network security practices is likely to be piecemeal and inconsistent.”

In addition, GAO noted that a coordinated cybersecurity monitoring program “would help ensure the entire wireless ecosystem stays knowledgeable about evolving threats, in close to real time; identify cybersecurity risks; and allow stakeholders to act rapidly in response to emerging threats or actual network attacks.”

The agency previously recommended as part of an October report that federal agencies should take “urgent action” to manage IT risks to the communications supply chain, particularly in order to defend against potential foreign threats to U.S. telecommunications. 

GAO made the recommendations after consulting with a wide range of government officials, industry representatives, and researchers, including representatives from the World Health Organization and the National Council on Radiation Protection and Measurements. 

The agency also met with officials from major wireless carriers AT&T, Verizon Communications, T-Mobile US, and Sprint Corporation as part of an effort to produce 5G wireless recommendations.

“We believe that the information and data obtained, and the analysis conducted, provide a reasonable basis for any findings and conclusions in this product,” GAO wrote. 

Concerns around the security of 5G networks have been widespread and bipartisan on Capitol Hill. Lawmakers have focused on ensuring that equipment from Chinese telecom groups Huawei and ZTE are not included in 5G systems due to potential espionage threats. 

President Trump signed into law legislation earlier this year banning the use of federal funds to purchase telecom equipment from groups deemed national security threats. The law also established a $1 billion federal fund to help smaller telecom groups rip out and replace suspect equipment. 

The House earlier this month approved new bipartisan legislation that would provide $750 million to support the deployment and use of 5G networks in the U.S., helping to combat threats from foreign manufacturers.