By: Jimmy Jones
5G promises to provide ubiquitous connectivity: wherever we are and however we live, at some point almost every facet of our lives will in some way rely on this hyper-connected new world. And that’s also the best way to understand the scale of the security threat 5G brings with it.
Right now, that scale is hard to fully absorb—but the level of impact is clear, and it’s why governments everywhere are trying to secure the technology.
The European Union’s EU Toolkit (supported by ENISA, the European Union’s cybersecurity advisers), the Cybersecurity and Infrastructure Security Agency (CISA) strategy document and the US administration’s Clean Network initiative all point to dramatic increases in regulatory involvement and authority. We also see the much-publicized restrictions on high-risk vendors, particularly Huawei, and numerous other steps. All these moves show that administrations understand how 5G completely changes the playing field.
Today, when attackers intercept an SMS containing a two-factor authentication message, they can commit serious fraud. If they hack the network to affect a service element, then they can possibly interrupt coverage and hamper the ability to contact emergency services.
Similar types of attacks on 5G infrastructure would be much worse. Instead of only hampering emergency services, they could halt them altogether. Such attacks go beyond personal financial fraud to directly affect your property or even personal safety. The effects could touch all sectors of society, including healthcare, transportation, utilities and more. This escalation skews the risk-reward equation and will inevitably intensify hackers’ efforts.
5G also accelerates the move to virtualization. Network function virtualization (NFV) has been with us for nearly a decade but has never gained the expected traction, thanks mainly to the accompanying complexity. However, 5G cannot realistically be delivered without virtualization, so the move to NFV and its successor, cloud native infrastructure, has to happen now. This is true not only of data centers but also of the satellite infrastructure forming at the virtualized network edge.
5G ushers in a service-based architecture to maximize virtualization and deliver the new services and benefits promised by IoT. The network currently supports one solution tailored to subscribers’ use of their devices, but moving forward, every IoT solution will need its own environment—that’s how each IoT service can have the latency, throughput and other features needed for success. Slicing the network like this creates multiple diverse networks, increasing the complexity exponentially. Now imagine this complexity multiplied again, simply due to the massive increase in numbers of connected devices.
5G also brings new technologies and protocols to what was previously a closed network. APIs become central to delivering 5G services, both at the core and the virtualized edge via multi-access edge computing (MEC) and radio access network (RAN). And remember, as Gartner forecasts, APIs will be the most attacked threat vector by 2022.
Universally understood protocols such as HTTP/2 offer a welcome security improvement, such as for international roaming interfaces. Here it replaces the much-maligned SS7, created 40 years ago and not designed to run on IP at all, let alone securely. However, using such a well-known protocol does remove the ‘security through obscurity’ practice. Early research in 5G standalone labs has already shown that HTTP/2 and Packet Forwarding Control Protocol (PFCP) are vulnerable—bad actors could steal subscriber data, intercept communication and cause significant network denials of service.
The same research does make a point that a majority of the vulnerabilities found rely on access to the protocols when being used within what should be internal areas of the operator network, isolated from the outside world, so if deployed correctly should not be possible. However, even with less complex networks, operators make mistakes in configuration and allow internal interfaces to become accessible through the global network. The same researchers highlight that if internal interface security is similar to today’s GTP protocol implementations, then half of all operator networks will be exposed.
5G further brings a broader vendor pool to deliver new services and applications. We’ve seen the Open RAN initiative already get a boost from operators forced to replace Huawei: more choice eliminates vendor lock-in, which is good for operators and removes the security threat posed by monoculture networks. However, it also