MITRE and Department of Defense announce FiGHT framework to enhance 5G security
FiGHT empowers organizations to, for the first time, reliably assess the confidentiality, integrity, and availability of 5G networks, as well as the devices and applications using them.
“We’re honored to join the Department of Defense in equipping the 5G community with a collaborative, open-source tool against cyber threats,” said Charles Clancy, Ph.D., senior vice president, general manager, MITRE Labs, and chief futurist. “FiGHT helps stakeholders assess where cyber investments should be made to achieve the highest impact as they build, configure, and deploy secure and resilient 5G systems.”
“With an engaged 5G stakeholder community populating the threat framework,” said Amanda Toman, director, 5G Transition Office and CFT (Cross Functional Team), Office of the Under Secretary of Defense (Research & Engineering). “FiGHT will serve as a pivotal tool to the DoD’s ability to deploy secure and resilient 5G systems.”
FiGHT’s adversarial threat model for 5G systems is derived from MITRE ATT&CK, a knowledge base of cyber adversary behaviors, and assessments of academic research and other frameworks. FiGHT is a purpose-built model of observed adversary behaviors in telecommunications environments.
“We identified an industry need for a structured understanding of 5G threats because even though 5G represents the most secure cellular standard to date, it can be implemented and deployed in ways that still have risks and vulnerabilities,” continued Clancy. “FiGHT fills that gap for telecommunication providers, manufacturers, and cybersecurity researchers.”
FiGHT serves as a foundation to 5G security research and can be operationalized in various ways, such as to conduct threat assessments, enable adversarial emulation, identify coverage gaps, and inform cyber investment planning.