Telecoms.com periodically invites third parties to share their views on the industry’s most pressing issues. In this piece Michael Downs, Director Telecoms Cyber Security, EMEA at Positive Technologies, looks at the security concerns that need to be addressed as we roll out 5G.
With the recent launch of commercial services in the US and South Korea, it looks as though 5G has finally arrived. Its promises of superfast connection speeds, ultra-low latency, and greater capacity represent huge opportunities for operators to transform their businesses, allowing them to offer new services and generate revenue through previously unavailable means of monetisation.
But, as with the introduction of any new technology, these opportunities will inevitably be accompanied by risks. Some of these will be known already, inherited from legacy network infrastructure, while others will be entirely new. For 5G deployments to deliver on their transformational potential, operators must take steps to identify and mitigate these risks.
To help expedite the implementation of the first 5G networks, 5G-NR radio layers will typically be coupled with the existing 4G/LTE network in the short term. However, while this will have the advantage of speeding up testing and deployment, it does mean the first 5G networks will inherit the same vulnerabilities as their predecessors.
Take, for example, Diameter, the IP-based signalling protocol used in telecommunication networks to transmit service data. Every Diameter-based 4G network examined in a recent security audit was found to contain vulnerabilities which hackers could exploit to perform a range of illegal actions, such as locating users, intercepting SMS messages, and instigating denial of service (DoS) attacks. It stands to reason, therefore, that as long as they’re tied to these LTE networks, every 5G network will also be similarly vulnerable to Diameter exploitation.
Fortunately, the familiarity of these vulnerabilities works in operators’ favour. It’s known, for example, that most of these flaws are related to a combination of misconfigured or vulnerable network equipment and fundamental issues in the Diameter protocol itself. The GSMA, for example, references Diameter interconnect security in its 5G Implementation Guidelines. It recommends an integrated approach to tackling it, made up of regular analysis of mobile network security, continuous monitoring and analysis of signalling messages crossing network boundaries, and real time attack detection systems.
It’s hoped that these precautions will become academic in time, once 5G is eventually uncoupled from 4G/LTE. Standalone 5G networks, on the other hand, will present their own unique security challenges.
New opportunities, new risks
One of the many new revenue streams offered by 5G lies in the practice of network slicing, in which portions of a 5G network are partitioned and delivered “as-a-service” to suit specific customer segments and use cases. However, while it will increase speed and enable operators to offer a wider range of monetizable services to their customers, network slicing will make network management significantly more complex. In doing so, it will add to the existing issue of incorrectly configured core networks; an issue which continues to plague the telecoms industry.
Its potential unlocked by 5G’s speed and low latency, the Internet of Things (IoT) represents another significant new revenue stream for operators. Indeed, with 20 billion “things” expected to be connected to the internet by next year, the majority of subscribers to 5G networks are likely to be IoT devices rather than people. But, with the number of attacks on IoT devices continuing to rise, this huge opportunity brings with it its own risks.
The fundamental issue is that IoT device protection tends to be poor. It’s impossible to change default passwords in many devices, for example, and patches or updates are rarely available for built-in security software. Because these devices are vulnerable to exploitation, the distribution of malware among them is easily scalable.
Security from the start
Faced with security challenges such as these, operators and equipment manufacturers alike have a unique chance to avoid repeating the mistakes of previous generations, where network security issues had to be resolved on the fly in active infrastructure. Acutely aware of the vulnerabilities that may lie ahead, they can – and should – be building security provisions in from the start, during the development of any new network technology.
After all, the huge amount of investment into the development of 5G networks requires some form of insurance. It stands to reason, therefore, that operators must think of how to ensure the security of these next-generation networks from as early a stage as possible. They should consult experts in information security throughout the development of any new technology or services, for example. And following deployment, as well as ensuring that solutions such as firewalls and intrusion detection systems are in place, it’s important that operators continue to perform regular ongoing security testing.
The advent of 5G offers a wealth of new opportunities for telecoms operators. But any excitement must be tempered with caution. Vulnerabilities exist in legacy infrastructure, and new developments will reveal more over time. Mitigating these risks requires security at every stage of a 5G network’s deployment, from architecture development to the implementation of specific services. Putting robust infrastructure security in place from an early stage will help operators ensure the reliability of their service, protect their users, reduce reputational risks and financial losses, and avoid regulatory claims.
As we enter the 5G era, using security as a criterion for quality will give operators a competitive edge.
Michael Downs has been assisting telecoms and mobile providers in addressing the business impact of cybersecurity risks for nearly 20 years. At Positive Technologies, he works side by side with the penetration testing team and research specialists to help mobile network operators globally audit cyber-risk, identify threats, and deploy the correct countermeasures. He also helps network operators address vulnerabilities from core infrastructure through to RAN and signaling, which enables them to protect their valuable brand, drive operational efficiencies, and provide additional revenue streams.