Threat landscape: 5G offers many opportunities to hack high-speed mobile communications
5G creates opportunities for users but also for cybercriminals, so how can organizations ensure the security of 5G wireless networks?
One thing is clear about 5G and network security: it does not imply the same thing either. Organizations cannot simply expand existing practices and technologies; they need a new approach.
As Adrian Belcher, Solutions Architect at Gigamon, told me, organizations need to “treat 5G as a paradigm shift, and they’ll need an open mindset.”
>See also: Implementing a strong information security policy
5G wireless network security
New apps will emerge to take advantage of the faster speeds offered by 5G – “It’s a huge opportunity,” says Belcher, but warns it’s “not an extra step.”
With opportunity comes challenge. As Jake Moore, ESET Global Cybersecurity Advisor, said: “While 5G paves the way for the future of technology for next generations, it comes with a number of security issues that must be resolved before it is too late”.
He added: “5G networks will free up high-speed servers allowing billions of devices to connect and operate more efficiently, but this data will be extremely sought after and security must be issued from the design phase. Legacy approaches have taught us that older technologies cannot withstand modern attacks, so adding many more devices to the network naturally increases the number of intrusion points.
>See also: Countering Common Information Security Threats
For organizations securing 5G network security, there are four considerations:
- Network interconnections
Radio Access Network (RAN)
The RAN (Radio Access Network) is the actual antenna carrying radio waves in the 5G spectrum. As Scott Goodwin of DigitalXRAID puts it: “They are at the forefront of the entire ecosystem, on cell towers placed as close to end users as possible and act as a conduit from the radio world to the digital packet-switched or IP network. “.
RAN presents unique challenges, including the risk of physical damage to antennas – not necessarily deliberate, but potentially. Consider, for example, how at the height of the Covid outbreak, some individuals blamed 5G for making Covid worse and attempted to damage masts.
For organizations trying to keep the 5G wireless network secure, there is little they can do to protect cell towers – they are beyond their control. But they will need contingency plans; they will need to plan for business continuity. In short, they will need to understand the risks and plan accordingly.
“I think many organizations and businesses need to start thinking differently about business continuity,” Belcher says, “especially in light of what’s happened over the past two years.”
>See also: Mitigating Common Network Management Security Issues
“The core network is at the heart of the system and provides all the required technological service overlay; it is absolutely essential to the mission; any compromise here can disrupt the availability of mobile networks,” Goodwin explained.
For Moore, network technology raises the thorny issue of foreign agents. “The use of equipment in networks provided by foreign companies must be carefully checked before the infrastructure allows foreign states to effectively spy on the data. In addition, high-risk suppliers must be omitted from being able to analyze the data, and stricter rules are being applied to make the infrastructure private.
Transport and network interconnections
Finally, there are transport and network interconnections; these determine how the entire system connects to the core network or other providers’ networks for roaming and moving from cell towers.
5G is also about disruption, a whole new way to ensure security. For Adrian Belcher, disruption is vital.
He explained that 4G used what could be called a “proprietary architecture”, but with 4G and 5G in late stages, it’s different. “The architecture can use, for example, VMware or OpenStack, but regardless of the software platform, it’s a much more open environment.”
He added: “Securing 5G networks requires a different skill set…I’m a convert to the art of the possible with 5G, but organizations need to be realistic about what they’re up against. I think they need to take a very strategic view of 5G. If you dip a little and dip your toe in it, you may find that you don’t realize enough value to justify the disruption.
“It’s not going to be about doing more and sticking to proven practices. But I would say they have to approach it realistically and with an open mind, there might be some pretty tough decisions and comfortable relationships with some suppliers might have to come to an end.
But while Belcher doesn’t see what he calls “seamless 5G adoption” and says the traditional market won’t disappear overnight, he thinks 5G will eat away at the enterprise market.
Machine learning and the cloud
5G will create multiple opportunities for the application of AI and intensive use of Cloud and Edge Computing. But as Jake Moore said, “Cloud-based threat analysis and the introduction of machine learning on big data will enable rapid responses to unknown threats and potential attacks.
“While we can put measures in place to mitigate the current threat landscape, bad actors adapt very well to change and are often faster than the antidote, so although 5G will put an end to some current threats , it will also create other unknown threats. shortcomings, and thus the result will be a consistent adoption of new mitigation techniques against increasingly cumbersome and sophisticated attempts.
Scott Goodwin suggests that “across the business, security, confidentiality, integrity and availability are key concerns and must be addressed in particular by our telecommunications providers.”
He further explained, “They must follow the adaptations of leading frameworks such as NIST and CAS-T and implement clear cybersecurity strategies to protect their assets and end customers. These will include extensive external security testing, comprehensive security monitoring, well-defined security objectives and a robust risk management process.
Opportunity and Challenge Revisited
5G is a huge business opportunity, but for organizations to ensure 5G wireless network security, they will need to adopt a new mindset. Disruption creates winners and losers, and to be winners, businesses must commit to the challenge, seize the opportunity, and plan strategically. Above all, they must be ready for change, lots of change.
Learn more about cybersecurity
Top 10 most disastrous hackers of the 2020s so far – This article examines the 10 most disastrous cyberhacks performed on organizations in the 2020s, so far.
Jake Moore – deepfake is the next weapon of cybercrime – Jake Moore, Cybersecurity Specialist at ESET, explains what protections every business should have to fight cybercriminals, how CTOs can make their job easier and why deepfake video is the next front in cyber warfare
Cybersecurity spending will hit $188 billion next year – Cybersecurity spending will also see double-digit growth in 2024 until cheaper solutions hit the market.