AT&T, Ericsson Call for 5G Network Security Rethink

The rollout of 5G has turned mobile networks into programmable platforms, inviting a wave of third‑party software, cloud‑native functions and AI‑enhanced services. That openness, while accelerating innovation, also widens the attack surface, prompting operators to rethink traditional perimeter defenses. AT&T’s partnership with Ericsson to publish a joint security blueprint reflects a broader industry acknowledgement that safeguarding next‑generation connectivity requires a unified threat model. By framing AI, open‑RAN and future 6G under a single security narrative, the paper sets a reference point for standards bodies and regulators alike.

At the heart of the new approach are three technical pillars: AI‑driven anomaly detection, post‑quantum cryptography (PQC) and zero‑trust architecture. Machine‑learning models can both expose vulnerabilities and serve as rapid responders, but they must be hardened against model‑poisoning and data‑exfiltration. PQC promises resilience against quantum attacks, yet its computational intensity threatens latency budgets in the radio access network, demanding hardware acceleration or selective deployment. Zero‑trust principles reinforce identity‑based access and continuous verification, ensuring that even compromised components cannot pivot laterally across the disaggregated stack.

The blueprint’s call for ecosystem‑wide collaboration signals a shift from siloed vendor roadmaps to shared security standards. Operators, chipset makers, open‑source communities and security firms will need to exchange threat intelligence and co‑author compliance frameworks, a model reminiscent of the O‑RAN Alliance’s success. For policymakers, the document provides a concrete basis to shape regulations that balance openness with resilience. As the industry eyes 6G, early alignment on AI safety, quantum‑ready encryption and joint governance could become a competitive differentiator, reducing the risk of incidents like the recent Salt Typhoon breach.