5G usage in military and the security elephant

5G is being taken up by many industrial players and the defense sector also realised the opportunities 5G (in particular in combination with satellite communication) can bring. The NATO considers 5G and 6G as ”priority area” and a ”emerging and disruptive technology”. 

The NATO NCI has identified four key areas for usage of 5G in defense scenarios:

1. Deployable Communications and Information Systems (CIS) for expeditionary operations;

2. Tactical operations;

3. Maritime operations;

4. Static communication

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) identified in addition the usage and risks of 5G for military movements. 

Many defense system vendors started prototyping usage of 5G for those scenarios. There are activities on 5G enabled drones, unmanned ground vehicles, local networks,  maritime communication, aircrafts, TETRA replacement, space, and many more.

Having been working in industrial research for many years I understand the huge difference between a proof of concept and a final product. Typically, a proof of concept is created to explore the potential of a certain technology and evaluate its possibilities and usage areas. Security is rarely on the agenda for a prototype, but when moving towards a 5G defense product, it becomes the security elephant in the room.

Articles and announcements for 5G usage in military scenarios are often accompanied by a note of caution or some questions about the resilience and security of the system. After all 5G is an open standard with APIs for sharing and not a secret proprietary technology. The defense sector is very aware of the general security challenges related to usage of 5G and attempts are made to improve the situation. For example, funding is provided for a challenge created by NATO Defence Innovation Accelerator for the North Atlantic (DIANA) to foster innovation and startups to create a security industry that ensures the security of the new emerging and disruptive technologies.

Still 5G and telecommunication are still  very specific technologies and expertise is rare, therefore many defense companies team up with mobile operators or vendors for their development (Lockheed Martin, 2023, August 9; NPS, 2022, August 17; Tecknexus, 2022, May 31).

The threats are also very specific and while in the past the concerns were mostly about radio jamming and interconnection spying attacks, the attack scenarios are now much more complex and diverse. 

Each usage scenario has its own attack and risk profile. The risks depend on many factors, here are some:

• Interconnection with other systems (e.g., satellite, public networks, partner networks)

• Cloud usage

• Radio interception / jamming

• Legacy technology usage

• API security

• Supply chain (including Open Source)

• Operations, configurations and maintenance

PwC has a long experience in cyber security and we have world experts with 20+ years experience on telecommunication security, that can help you ensure that the security you need for your usage scenarios are up to the task and that partners know what security you expect of them.