[CDP-development] FW: CISA/NSA - Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement

[ALBIN Cinnamon S * DAS]

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) announced<https://www.cisa.gov/news/2021/10/28/nsa-and-cisa-provide-cybersecurity-guidance-5g-cloud-infrastructures> the release of cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement<https://www.nsa.gov/Press-Room/Cybersecurity-Advisories-Guidance/> is the first of a four-part series created by the Enduring Security Framework<https://www.cisa.gov/publication/cipac-cs-esf-agendas> (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation's critical infrastructure.

Part I focuses on detecting malicious cyber actor activity in 5G clouds to prevent the malicious cyberattack of a single cloud resource from compromising the entire network. The guidance provides recommendations for mitigating lateral movement attempts by malicious cyber actors who have successfully exploited a vulnerability to gain initial access into a 5G cloud system.

5G cloud providers, integrators, and network operators share the responsibility to detect and mitigate lateral movement attempts within their 5G cloud infrastructure. This document provides best practices to secure the 5G cloud from specific cyber threats of lateral movement that could compromise a network.

The series builds on the CISA, NSA, Office of the Director of National Intelligence, and ESF Potential Threat Vectors to 5G Infrastructure<https://www.cisa.gov/publication/5g-potential-threat-vectors> analysis paper released in May 2021, which focused specifically on threats, vulnerabilities, and mitigations that apply to the deployment of 5G infrastructures.


Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D7CBEE.EAE5E970]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211028/217845ee/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211028/217845ee/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SECURITY GUIDANCE FOR 5G CLOUD INFRASTRUCTURES_PART I.PDF
Type: application/pdf
Size: 431042 bytes
Desc: SECURITY GUIDANCE FOR 5G CLOUD INFRASTRUCTURES_PART I.PDF
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211028/217845ee/attachment-0001.pdf>