The Evolving Security Challenges of 5G and How To Solve Them

We look to the Cybersecurity and Infrastructure Security Agency (CISA) and the Groupe Speciale Mobile Association (GSMA) for guidance in harnessing the opportunities of 5G while addressing its highly complex, heterogeneous and volatile environment.

Leveraging the convergence of the telecom infrastructure with the open internet through 5G is like stepping into a strange but exciting battleground. Moving from hardware-based infrastructures to software-based mobile networks immediately opens up amazing advancements as well as risks for the organization and its users.


5G Opportunities – Both Good and Bad

5G operates on Network Function Virtualization (NFV) and Software-Defined Networking (SDN) to advance scale, throughput and reliability. SDN and NFV streamline network and service deployment, operations and management of interconnected devices for IoT, eCommerce, eHealth, transportation, and other verticals. Here are some of the advanced capabilities and features of 5G that make it possible to deliver goods and services at the speed of customer demand.

1. Virtualization

Virtualizing network flows with SDN leads to a simplification of hardware. The central control system, often the hypervisor, acts as the brain of virtualized technologies. As such, this underlying technology should be given a high level of protection, and specific threat modeling for virtualization-aware attacks and vulnerabilities should be completed.

2. Cloud Services

Building on virtualized services, the Cloud is a key 5G enabler. 5G architecture is designed to be cloud native, which brings elasticity and scalability. However, it can complicate the supply chain and liability chain.

According to Mobile World Live, 5G allows operators to expose rich services through the Cloud and RESTful APIs. Secure coding practices should be followed to ensure data is not leaked and the code cannot be used to exploit the cloud provider or operator network.

3. Network Slicing

Network slicing allows the operator to customize the behavior of the network, adapting (slicing) the network to serve specific cases using the same hardware. Different levels of isolation can be created, from a single node of the core network to fully dedicated radio access. Each isolation type must be integrated at the design phase. For example, a network slice for remote surgery must consider constant mutual identification and authorisation to stop MITM threats, but a slice for AR/VR content management will not require the same level of security.

4. Mobile IoT

Although the IoT is already prevalent in 2G/3G/4G networks, the number of IoT connections is due to increase exponentially in 5G. Bigger doesn’t mean the security controls must change significantly; however, they must scale. The IoT needs to be securely coded, deployed and managed throughout its lifecycle. Most IoT services share a common architecture, and as such the attacks each service will be subjected to are likely to fit within three common attack scenarios:

  • Attacks on the devices (endpoints) via the applications running on the device, via remote attacks from the internet and via physical attack.
  • Attacks on service platforms (i.e. the cloud)
  • Attacks on the communications links (e.g. Cellular, WLAN, BLE air interface etc.)


5. eSIM

An eSIM eliminates the need for a removable SIM card on the mobile device, with the data on that card instead being prepared on a remote SIM provisioning platform (SM-DP+) then downloaded in the form of an eSIM Profile via HTTPS into a secure element (eUICC) permanently embedded into the mobile device.

This eUICC, identified by a globally unique EID, is able to store many Profiles, and when a Profile is enabled, the data in that Profile is used to identify and authenticate the subscriber to the mobile network in the same way a removable SIM card would.

The system uses Public Key Infrastructure (PKI) certificates allowing the SM-DP+ and eUICC to mutually authenticate each other. All keys are generated with Perfect Forward Secrecy (PFS).

Management of eSIM Profiles on the eUICC is carried out by the End User in the consumer use case, or a remote SIM provisioning platform in the M2M/IoT use case.

6. Artificial Intelligence (AI)

By enabling Machine Learning (ML) and Deep Learning (DL), operators can automate threat and fraud detection to handle the volumes of data that 5G networks will generate. AI may be a more feasible way to mitigate previously unknown attacks in real time. AI may also be used for self-healing networks where the system is able to identify issues and take automated action to deliver the fix. However, this technology is also available to the attacker, and AI-driven attacks are anticipated.

 

5G Security Challenges

There’s been an exponential increase in the number of connected devices since the adoption of 5G in 2019. However, more devices plugging into the network means an expanding attack surface for cyber threats. The challenge is: how can we take full advantage of the above-mentioned technologies without compromising the security and integrity of the enterprise? The first step is recognizing the following downsides:

1. Wide-Scale Breaches

Cloud computing is a type of service that uses virtualization technology consisting of servers, or other physical hardware or data center resources, which can then, in turn, provide numerous services such as infrastructure, software, and platforms. If the cloud layer is breached, all network functions come under direct attack with disastrous consequences.

2. Resource Sharing

A single physical server may run several different tenants’ virtual machines which might be distributed across several physical servers. Multi-tenancy resource sharing and the breaking of physical boundaries introduce the risks of data leaks, data residue and attacks.

3. Use of Open Source

The increasing use of open-source software introduces a new set of security challenges in terms of keeping a consistent and coherent approach to security-by-design and the prevention of deliberate security flaws.

4. Multi-Vendor Environment

It’s difficult to coordinate a unified security strategy across a multi-vendor environment. Setting policies and determining responsibility for security problems are harder, and require more effective network security monitoring capabilities.

5. Supply Chain

A complex supply chain introduces risks such as malicious software and hardware, counterfeit components, poor designs, manufacturing processes and maintenance procedures. This may result in negative consequences, such as data and intellectual property theft, loss of confidence in the integrity of the 5G network, or exploitation to cause system and network failure.

 

5G Security Best Practices

The 5G standard already has inherently strong security capabilities, such as user authentication, privacy, traffic encryption, and protection of signaling traffic. While it is a suitable grounding for an organization’s digital transformation initiative, these features can only go so far, as they aren’t designed to identify and stop advanced threats. Here are security approaches that organizations may adopt to address the above challenges.


1. Design Algorithms to Scale and Adapt

5G networks build on the capabilities of NFV to automatically scale resources and workloads based on operational requirements. Thus, security compliance mechanisms such as data logging, monitoring, and verification should work in tandem with the dynamics of 5G network services. Novel algorithms should be developed to control the content and meet data accuracy objectives while minimizing the impact on the overall performance of the system.

2. Promote Multi-Party Security Management

There are many stakeholders involved in security operations, including but not limited to NFVI providers, network function vendors, and IT service providers. They have the shared responsibility to deliver and manage different NFV components with different application layers which are controlled by different administrative domains. Their policies and efforts must align to ensure compliance across the environment.

For example, when it comes to verifying the access control compliance for a network function, different security compliance checks might be required from the NFVI provider (for example, computing and networking isolation between different customers). In this context, standardization will play an important, and possibly accelerating, role.

3. Enforce Continuous Proactive Compliance

The dynamic runtime modifications to the virtual infrastructure and its configuration brought by NFV and SDN may affect security compliance status. Therefore, logging and monitoring mechanisms should adapt to compliance-related events and metrics, followed by a thorough check on the security posture after an incident.

New approaches must be conceived to adapt to the rate of change and lessen the burden of verifying compliance from scratch. For example, an event-based program can trigger compliance verification in time. Other proactive techniques that use machine learning may enable efficient identification and advance checking of system changes to minimize delays.
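The event-based approach described above can be sketched as follows. This is an added example, not code from CISA, GSMA or any NFV platform: the event names, the `ComplianceMonitor` class and the sample events are assumptions constructed for illustration. Each change event re-verifies tenant network isolation only for the network it touched instead of re-scanning the whole inventory.

```python
from collections import defaultdict

# Constructed NFV change events (not from a real orchestrator).
SAMPLE_EVENTS = [
    {"type": "vm_created", "vm": "vm1", "tenant": "tenant-1"},
    {"type": "vm_created", "vm": "vm2", "tenant": "tenant-2"},
    {"type": "net_attached", "vm": "vm1", "net": "net-a"},
    {"type": "net_attached", "vm": "vm2", "net": "net-b"},
    {"type": "net_attached", "vm": "vm1", "net": "net-b"},   # breaks isolation
    {"type": "net_detached", "vm": "vm1", "net": "net-b"},   # remediation
]

class ComplianceMonitor:
    """Re-verifies tenant isolation only for the network an event touched."""

    def __init__(self):
        self.vm_tenant = {}                    # vm id -> owning tenant
        self.net_members = defaultdict(set)    # network -> attached vm ids
        self.violations = {}                   # network -> tenants sharing it
        self.checks_run = 0                    # number of targeted checks done

    def verify_network(self, net):
        self.checks_run += 1
        # A VM with no recorded owner is reported, not silently trusted.
        tenants = {self.vm_tenant.get(vm, "UNKNOWN") for vm in self.net_members[net]}
        if len(tenants) > 1 or "UNKNOWN" in tenants:
            self.violations[net] = sorted(tenants)
        else:
            self.violations.pop(net, None)

    def handle(self, event):
        kind = event["type"]
        if kind == "vm_created":
            self.vm_tenant[event["vm"]] = event["tenant"]
            return                             # no network affected yet
        if kind == "net_attached":
            self.net_members[event["net"]].add(event["vm"])
        elif kind == "net_detached":
            self.net_members[event["net"]].discard(event["vm"])
        else:
            raise ValueError(f"unhandled event type: {kind}")
        self.verify_network(event["net"])

def replay(events):
    """Feed events to a fresh monitor and return it for inspection."""
    monitor = ComplianceMonitor()
    for event in events:
        monitor.handle(event)
    return monitor

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS[:5]).violations)
```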

 

4. Design Privacy Preserving Systems

Security logging and monitoring mechanisms should preserve the privacy of data through the 5G networks. Anonymization might not be enough. While it helps in protecting data, specific attributes may be lost, making it impossible to effectively analyze the data. Therefore, there is a need for new customizable privacy-preserving approaches that correctly protect data across different domains and different network slices while preserving relevant information for analysis.
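One way to keep logs analyzable while protecting identifiers across slices is keyed pseudonymization with a separate key per slice. This is an added example, not a method prescribed by the sources the article cites; the field names, the demo key and the log records are constructed assumptions. It contrasts plain redaction, which destroys per-subscriber analysis, with slice-scoped HMAC tokens, which preserve it inside a slice and prevent linking a subscriber across slices without the key.

```python
import hashlib
import hmac
from collections import Counter

# Constructed demo key; a real deployment would load it from a key store.
MASTER_KEY = b"constructed-demo-key"

# Constructed security log records.
LOGS = [
    {"slice": "ehealth", "subscriber_id": "sub-001", "event": "auth_fail"},
    {"slice": "ehealth", "subscriber_id": "sub-001", "event": "auth_fail"},
    {"slice": "ehealth", "subscriber_id": "sub-002", "event": "auth_fail"},
    {"slice": "ehealth", "subscriber_id": "sub-001", "event": "auth_ok"},
    {"slice": "media", "subscriber_id": "sub-001", "event": "auth_fail"},
]

def slice_key(slice_id):
    """Derive an independent pseudonymization key for each network slice."""
    return hmac.new(MASTER_KEY, b"slice:" + slice_id.encode(), hashlib.sha256).digest()

def pseudonymize(record):
    """Replace the identifier with a stable, slice-scoped keyed token."""
    out = dict(record)
    mac = hmac.new(slice_key(record["slice"]), record["subscriber_id"].encode(),
                   hashlib.sha256)
    out["subscriber_id"] = mac.hexdigest()[:16]
    return out

def redact(record):
    """Plain anonymization: the identifier is dropped entirely."""
    out = dict(record)
    out["subscriber_id"] = "REDACTED"
    return out

def failures_per_subscriber(records):
    """The analysis a SOC still needs: failed authentications per subscriber."""
    return Counter(r["subscriber_id"] for r in records if r["event"] == "auth_fail")

if __name__ == "__main__":
    print(failures_per_subscriber([pseudonymize(r) for r in LOGS]))
    print(failures_per_subscriber([redact(r) for r in LOGS]))
```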

 

In Summary

To leverage the advantages of evolving telecom networks like 5G, business leaders must first establish a culture of security and compliance across the organization. At UDT, we believe that advanced technologies coupled with consistent and thoughtful human governance are optimal for achieving operational excellence.

 

Management and Security Compliance

We help businesses move toward adaptability, scalability and privacy-enhanced technology while providing continuous proactive security, multi-party management, and compliance orchestration. These solutions are supported by monitoring, verification, and enforcement mechanisms integrated into the network function of a fully virtualized environment.

 

Understanding Your Unique Security Needs

Our security experts will help you assess operational maturity and draw a roadmap towards your ideal security posture. By mapping out your organization’s unique vulnerabilities, we can help you establish what technology, practices, policies, and procedures need to be implemented to secure your infrastructure and applications.

 

Reduced compliance burdens with improved accountability

Our managed security services and risk management interface will give you in-depth visibility of your security controls, events, and levels of service. With radical transparency of your environment, you’ll be able to meet compliance requirements more easily and immediately remediate any issues.
