Wireless communication technology has stepped into the era of 5G, a label for an immensely fast and sophisticated data network. 5G has the potential to make the world much more connected due to its critical features like high speed, improved efficiency, better mobility support, high connection density, and capability to connect to many devices. Compared to its predecessor 4G LTE, which was not a viable option at remote places that lacked access to traditional broadband networks, 5G can be deployed as a viable option due to its higher speeds (up to 10 Gbps), lower latency (60 to 120 times faster than 4G), and increased capacity (30-300 GHz).
By Ankit Satsangi, Chief Technology Officer and Co-founder of AHAD
Many public and corporate organizations have adopted or intend to adopt 5G in their network architecture. Furthermore, 5G will connect to more than seven trillion wireless devices and networks to shrink the average service creation time. With the help of 5G, organizations are implementing emerging technologies such as cloud computing, Software Defined Networking (SDN), and Network Function Virtualization (NFV) to meet the growing demands of users, as 5G helps provide flexible network operation and management within the constraints of operational expenses[1]. Some of its advanced and beneficial features are:
- Device-centric, distributed, programmable, and cloud-based design
- High data speeds
- 1-10 Gbps connections to endpoints
- One millisecond end-to-end round-trip delay
- Low power consumption
- Improved connectivity even in remote locations
- Higher capacity for supporting devices
The 5G technology thus helps connect different digital aspects and needs to provide society with high service availability while using a diverse set of technologies. However, just like any other digital technology where its rapid growth is accompanied by potential security issues, implementing 5G technology escalates the security focus to another level, demanding advanced safeguards.
Importance of 5G Security
Security in the cyber landscape has always been critical and on the agenda of organizations with a digital presence and invested in telecommunications. The advances in technology in environments such as virtualization, IoT, software-defined networking (SDN), network function virtualization (NFV), edge computing, and Industry 4.0, when met with equally broad yet deteriorating cybersecurity, will have a significant impact on the security and functionality. Some of the 5G standards are flexible enough to allow an overlap of different types of physical and virtual elements between the radio access network (RAN) and core network. Separating the RAN and core network function in the telecommunication environment is sure to affect the performance but is also accompanied by related security impacts such as SDN, NFV, and edge computing-related issues.
In the information technology landscape, 5G security implications can result in decreased traffic visibility, where a lack of WAN solutions like Secure Access Service Edge (SASE) could result in some business traffic visibility. As the growth of 5G and its ability to connect to a large volume of devices is directly connected to increased IoT usage, the latter's security implications also affect the former. As IoT devices generally have had poor security, the vulnerability will supposedly expand to the organization's security framework incorporated with IoT and corresponding 5G technology[2]. Hence, organizations need to deploy IoT security solutions to ensure that their devices are protected. Similarly, the limited 5G supply chains will also lead to security issues, as new mobile technologies are more software dependent than traditional mobile networking, which increases the possible attack surface[3]. The telecom network is equally important when conceptualizing security, and 5G security involves understanding aspects like:
- Increased stake value
- Risk tolerance
- Physical & virtual dependencies
- Security standards, protocols, deployments, and operations
- Proactive cybersecurity measures
- Vulnerability management
- Supply chain security
5G Security Challenges
Organizations with critical infrastructure such as healthcare, energy, and transport tend to incorporate 5G networks for faster and more efficient operations. But these critical infrastructures will require more security to ensure safety. For instance, security breaches and interruption or shutdown of operations in the energy sector or a single power supply system can be catastrophic for dependent infrastructures. Similarly, there exists a risk of data compromise in the transport layer of the 5G network. Hence, there is a need to investigate and highlight the important security challenges in 5G networks, and to explore potential solutions to mitigate these threats and secure the 5G network[4]. Some of the basic challenges in the 5G network highlighted by Next Generation Mobile Networks (NGMN) are:
- Increased network traffic (flash traffic) due to an increase in the number of connected devices in the 5G network and IoT.
- Need for radio interface security, where encryption keys are sent over insecure channels.
- Lack of cryptographic integrity and protection for user plane
- Service-driven constraints on the security architecture lead to the optional use of security measures.
- Un-updated user-security parameters in roaming, i.e., switching network from one operator network to another, leading to security compromises.
- Denial of Service (DoS) attacks on the infrastructure due to visible network control elements and unencrypted control channels.
- Denial of Service (DoS) attacks on end-user devices due to poor security of operating systems (OS), applications, and configuration state.
- Signaling storms due to lack of coordination in distributed control systems such as the Non-Access Stratum (NAS) layer of Third Generation Partnership Project (3GPP) protocols.
5G Network Security Capabilities
The 5G network, though having its own challenges, was originally designed with features to address threats faced by previous network generations. Some of the features that can strengthen the 5G network’s security postures and address existing security risks could be classified under infrastructure, standalone and non-standalone.
Infrastructure security capabilities
- Trusted hardware: This involves securing the IoT devices on LTE networks using either protected hardware or a virtualized processing environment, which is done at the network level with hardware security modules (HSMs). These secure components assist with isolating and storing cryptographic processes, encryption, authentication, and cryptographic keys from all network operations.
- Isolation and policy enforcement: This involves allowing the virtual operations to run on trusted hardware that meets the specified asset policies. The data is encrypted at the virtual hard drive level, where the virtual nodes meet desired trust requirements. A well-defined SDN technology tends to allow authorized network communications between different components.
- Compliance and visibility: This involves using technical mechanisms that enforce security over the lifecycle of platforms. The secured workload environment will help organizations mitigate risks and meet compliance standards by documenting and monitoring configuration changes.
Standalone security capabilities
- User privacy: While connecting to the cellular network, devices need to identify themselves and their users, allowing network operators to limit access to the network to approved devices and users only. Many 3GPP-based networks distinguish subscribers by assigning each a globally unique identifier known as the Subscription Permanent Identifier (SUPI) and then submitting the user's identifier to the device throughout the link phase. A new security feature in the 5G specifications allows devices to identify themselves using a Subscription Concealed Identifier (SUCI) instead of the SUPI during the network link process. This increased protection prevents attackers from observing the link process, capturing the user details, and monitoring the user location.
- User plane integrity protection: A device transmits its traffic to a cellular network through the User Plane, as opposed to the Control Plane, which transmits messages for network management and scheduling. The 5G technology allows user plane encryption by the device to protect user privacy. However, researchers have shown that attackers can exploit a lack of User Plane integrity and redirect data such as DNS queries. Thus, the 5G network incorporates a new security feature that gives the device an option to provide the User Plane with integrity protection and encryption.
- CU/DU split security: Splitting the 5G base stations into a Centralized Unit (CU) and a Distributed Unit (DU) allows the operation of security-sensitive functions closer to the core network in a more trusted environment.
- Security Edge Protection Proxy (SEPP): For securing roaming features of inter-operator network connections, SEPP can be used by 5G to interconnect securely. SEPP allows end-to-end confidentiality and integrity between the source and target network for all roaming data traffic and is hailed as a necessary MNO interconnect feature by the 5G standards such as 3GPP TS 23.501 and TS 23.502. New critical security updates include Security Edge Defense Proxy that offers enhanced protection against existing roaming vulnerabilities.
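As an added example (not part of the original article), the following check audits registration logs for SUCIs that do not actually conceal the subscriber, which is the failure mode that undoes the user privacy feature described above. It assumes the NAI-style SUCI text form from 3GPP TS 23.003 and the protection scheme identifiers from TS 33.501 (0 = null-scheme, 1 and 2 = ECIES Profile A and B); the log lines, the function names and the `SuciFinding` type are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# NAI-style SUCI text form (3GPP TS 23.003):
# suci-<supi type>-<mcc>-<mnc>-<routing ind>-<scheme id>-<key id>-<scheme output>
SUCI_RE = re.compile(
    r"suci-(?P<supi_type>\d)-(?P<mcc>\d{3})-(?P<mnc>\d{2,3})-(?P<routing>\d{1,4})"
    r"-(?P<scheme>\d{1,2})-(?P<key_id>\d{1,3})-(?P<output>[0-9a-fA-F]+)"
)
SCHEMES = {0: "null-scheme", 1: "ECIES Profile A", 2: "ECIES Profile B"}

# Constructed sample log lines (not captured traffic); the ECIES output is shortened.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z amf registration ue=suci-0-001-01-0000-0-0-0000000001
2024-01-01T10:00:05Z amf registration ue=suci-0-001-01-0000-1-1-a1b2c3d4e5f60718293a4b5c
2024-01-01T10:00:09Z amf registration ue=5g-guti-0010100000000042
"""

@dataclass
class SuciFinding:
    suci: str
    scheme: str
    concealed: bool
    exposed_imsi: Optional[str]  # set only when the identifier is readable on the wire

def audit_suci(text: str) -> List[SuciFinding]:
    """Classify every SUCI in the text by its protection scheme."""
    findings = []
    for m in SUCI_RE.finditer(text):
        scheme_id = int(m["scheme"])
        concealed = scheme_id != 0  # null-scheme copies the identifier unchanged
        exposed = None
        if not concealed and m["supi_type"] == "0":  # SUPI type 0 = IMSI
            exposed = m["mcc"] + m["mnc"] + m["output"]  # IMSI = MCC + MNC + MSIN
        name = SCHEMES.get(scheme_id, f"operator-specific ({scheme_id})")
        findings.append(SuciFinding(m.group(0), name, concealed, exposed))
    return findings

def null_scheme_exposures(text: str) -> List[str]:
    """Return the IMSIs that were sent without concealment."""
    return [f.exposed_imsi for f in audit_suci(text) if f.exposed_imsi]

if __name__ == "__main__":
    for f in audit_suci(SAMPLE_LOG):
        status = "concealed" if f.concealed else f"EXPOSED imsi={f.exposed_imsi}"
        print(f"{f.scheme:16} {status}")
```

A non-empty result from `null_scheme_exposures` means those subscribers were identified in the clear despite using a SUCI, typically because no home network public key was provisioned.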
Non-standalone (NSA) security capabilities
- False base stations: Rogue or false base stations (also known as false stingrays) tend to mimic all network tasks. Though the 3G network majorly addressed this security issue, some devices can still connect to a 2G base station, where the rogue base stations keep them connected to a mimic station. The threat actor aims to identify and track users by asking their devices to send their long-term identifier, the IMSI. The 5G network addresses this issue by refreshing temporary identifiers in order to detect false base stations, and it can also secure the permanent identifier through encryption.
Conclusion
The 5G network technology is becoming more and more prevalent and usable for both general and business adoption, but security implications also accompany it. Though 5G networks incorporate many security features that mitigate pre-existing threats in 3GPP-based networks, organizations need to adopt rigorous security measures. Organizations tend to implement 5G technology as a monitoring and control solution at remote locations, but their existing critical infrastructure possesses a high-risk factor. Thus, there is a need for solutions that securely deploy IoT and other devices on 5G networks tailored to specific industry needs.
About the Author
Ankit Satsangi is a global thought leader and cybersecurity advisor with more than nine years of experience in cyber resilience. He is currently the Chief Technology Officer and co-founder of AHAD info tech. Satsangi is a security professional with expertise across endpoint and network protection. His research interests include, but are not limited to, penetration testing, incident response, risk management, SOC automation, SOC orchestration, Carbon Black incident response, vulnerability assessment, Data Leakage Prevention (DLP), and social media and email security.
Disclaimer
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.