5G towers against a blue and yellow cloudy sky

MITRE’s FiGHT Leads the Charge to Ensure Secure and Resilient 5G  

FiGHT arms the 5G community with knowledge of how adversaries could disrupt networks across communications, defense, healthcare, and beyond. The framework helps organizations deter threats—and develop and deploy secure and resilient 5G systems.

From hacked bank accounts to unauthorized credit card purchases to stolen identities, if you haven’t been personally impacted by a security breach, you probably know someone who has. No wonder most Americans harbor concerns about our nation’s cybersecurity.

Since the dawn of 4G, the U.S. has made great strides in advancing wireless-technology security. But 5G, with its ability to connect devices and systems super-fast and ultra-reliably, is a game changer.

5G impacts almost every aspect of our lives. Think: communications, national security, travel, and healthcare. Yet as this revolutionary technology expands globally, there’s little information available on the threats to 5G, making it challenging to protect.

MITRE’s FiGHT™, short for Five G Hierarchy of Threats, is working to change that. The framework enables organizations—for the first time ever—to assess the confidentiality, integrity, and availability of 5G networks and the applications using them.

FiGHT draws on MITRE’s expertise in wireless technology and cybersecurity. Our role managing several federal R&D centers also enables us to help drive advances in 5G security. 

We asked Michaela Vanderveen, MITRE lead for FiGHT, and Amanda Toman, the Department of Defense’s director of 5G Transition Office and Cross-Functional Team, to discuss how the 5G community can benefit from this capability.

Q: With all the security tools on the market, what’s unique about FiGHT?

Vanderveen: FiGHT focuses exclusively on 5G. It’s the most-secure cellular system to date, yet it still has significant vulnerabilities. Deployments are rolling out all over the world without the benefit of a comprehensive and structured understanding of the associated threats.

The movement toward service-oriented, commercial 5G architecture creates large attack surfaces adversaries will exploit. This means all kinds of different opportunities to disrupt 5G operations. We have to prepare to address known and emerging threats. FiGHT catalogs key information on adversary behavior in the 5G space.

We’re collaborating with our government sponsors and industry stakeholders to encourage contributions to this framework. For example, we’re doing threat assessments with our sponsors. This enables them to categorically look at the threats they might encounter in a given environment. And it informs their cyber investment planning to achieve the highest impact.

Toman: That last point is critical for DoD. We know 5G wasn't designed for use on the battlefield or in severely hostile RF environments. So when we deploy 5G in those kinds of security environments, we have to consider the gaps. FiGHT’s threat assessments enable us to use data and science to assist in addressing those gaps.

If we’re deploying a smart warehouse, for example, what do we need to prioritize when it comes to security? Right now, there isn’t a ton of publicly available information about the threats to 5G. FiGHT provides crucial knowledge to help us make those key investment decisions.

Q: How exactly does FiGHT work to improve 5G security?

Vanderveen: FiGHT builds on concepts from existing security frameworks, such as MITRE ATT&CK®, to provide a threat model that documents adversary tactics and techniques. The framework serves as a foundation for 5G security research.

But FiGHT goes beyond research, offering immediate operational utility. It’s organized so those needing to share threat intelligence and develop threat-informed defense can actively use it right away.

FiGHT adopts adversary behaviors into its framework under three scenarios. First, through empirical observation, integrating behaviors from contributed threat intelligence from the community. Second, through a proof of concept where researchers successfully demonstrate adversary behaviors in a laboratory setting. And finally, by incorporating conceptual behaviors not yet demonstrated in a lab setting or out in the real world.

As this knowledge base grows, so does our ability to inform cyber defense and cyber risk management. FiGHT empowers users to assess their defenses, emulate adversaries, develop analytics, understand threat coverage, build threat models, and mitigate attacks.

Q: Why is engaging the entire 5G community of interest so critical to FiGHT’s success?

Vanderveen: 5G isn’t only a government issue or an academic challenge or an industry concern. It’s a national issue with huge security and economic impacts. The skills needed to secure 5G are broader than existing telecommunications skillsets, including AI, big data, IT, and cloud. To get this right, we need to take a holistic approach to 5G security.

MITRE developed FiGHT to help the 5G community build, configure, and deploy secure and resilient 5G systems. We plan to regularly release new frameworks based on stakeholder feedback. The community contributes its expertise in cellular systems, its visibility into real-world threats, and operator and vendor perspectives to help evolve FiGHT.

Toman: And while FiGHT helps the DoD, this is more than a DoD capability. It provides a threat model broadly applicable to carriers, service providers, and enterprises. It helps the larger community of interest better evaluate new security technologies. That means we raise security awareness and capability across the 5G industry.

Given the enormous scope of 5G, it’s impossible to do this alone. We need an active and engaged stakeholder community that understands the need for collaboration to secure 5G not only across the U.S.—but around the world.

To learn more about FiGHT or provide feedback, contact fight@mitre.org.