Back

Russia Mandates Custom Crypto for 5G Network Amid Security Concerns

Severity: Medium (Score: 43.0)

Sources: News.Risky.Biz, Risky.Biz

Summary

The Russian government is advancing legislation to require mobile operators to implement a domestically-developed encryption algorithm, NEA-7, for the country's 5G network. If passed, all new phones sold in Russia must support this algorithm, while foreign encryption methods will be phased out by 2032. This move is part of a broader strategy to counteract Ukrainian drone operations that utilize Russian SIM cards. However, experts express skepticism about the effectiveness of NEA-7, citing potential vulnerabilities and the lack of supporting infrastructure. The legislation is seen as a symbolic gesture rather than a practical solution, given Russia's minor share in the global mobile market. Additionally, there are concerns that the algorithm could be exploited by foreign manufacturers for market advantages. The rollout of this untested encryption may create opportunities for hacking and surveillance. The current status of the bill is that it is in its second draft, with ongoing discussions in the Russian Duma. Key Points: • Russia is proposing a law mandating a custom encryption algorithm for 5G networks. • The NEA-7 algorithm may be vulnerable and lacks supporting infrastructure. • The legislation is viewed as more of a symbolic act than a practical security measure.

Key Entities

  • Malware (attack_type)
  • Operation Triangulation (campaign)
  • Luxembourg Government (company)
  • Luxembourg (country)
  • Russia (country)
  • CVE-2026-1281 (cve)
  • CVE-2026-1340 (cve)
  • derp.ca (domain)
  • Government (industry)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed