Tendr: Mapping the attack surface in the next-generation of mobile communication networks
Zadavatel: EU Agency for Cybersecurity (ENISA), Řecko
Jednorázový kontrakt, budget max €40.000
Deadline pro projevení zájmu: 17/10
Details: The next-generation of mobile communication networks (5G) combine several technological innovations into a complex, service oriented and low latency system. A network based on the orchestration of these technologies to provide a highly virtualized environment allowing the integration of various infrastructures and services from various sectors (verticals). Through the integration of multiple technologies into one virtual network, modern mobile communication systems can be considered as a system of systems. The consolidation of various technologies such as cloud, edge-computing, function virtualization, software defined networks and slicing, increase the dependencies among various components and simultaneously expose the entire network to cyberthreats. Exploited weaknesses of one technology may affect the function of the entire network. Adequately crafted attacks, exploiting multiple weaknesses of used technologies, may be very efficient to adversaries while difficult to identify and mitigate.
ENISA seeks external support identifying vulnerabilities of modern mobile communication networks. The assessed vulnerabilities will be associated to assets. Based on asset weaknesses, a mapping of cyberthreats exploiting those weaknesses will be developed. Consequently, technical mitigation controls for the reduction of attack surface of the assets will be proposed. The work will be based on the ENISA 5G Threat Landscape that has identified ca. 140 critical assets and ca. 75 cyberthreats potentially affecting these assets.