The Crucial Security Aspects To Consider As The 5G Wave Arrives
Gen Next for the telecom sector lurks in the wings worldwide.
The fifth-generation (5G) telecommunications network promises to radically revolutionize the digital world by enabling real-time connectivity on a whole new level. We expect incredible new speeds, significantly reduced latency, and enormous bandwidths.
Extraordinary opportunities like smart cities, telemedicine, autonomous vehicles, edge IoT devices, intelligent electric grids, and augmented reality are on offer. This is why it is no surprise that businesses and governments are considering enormous investments in 5G technology.
But in the middle of the excitement of all this technological potential, it’s possible that substantial new threats are being overlooked.
The real-life security concerns created by 5G are already becoming visible. In 2019, at the Black Hat Security conference, researchers stated issues in 5G security, which allowed them to access user locations and carry-out cyber-attacks on devices. Furthermore, researchers at the University Lowa and the University of Purdue detailed 11 design challenges in 5G protocols that could expose user locations, downgrade services to old mobile data networks, or even track when one makes calls, texts, or browse the internet.
5G will impose new security challenges for businesses and new opportunities for cyber-attackers. So, what are the security risks that we are already seeing? What risks do we foresee rising with the proliferation of 5G? Are these holding up the arrival of the shining new technology?
Let us take a look.
Challenges in SDN and NFV
SDN helps to centralize the network control platforms and allows programmability in communication networks. But these two remarkable features also create opportunities for hacking the system. For instance, the centralized control could encourage DoS attacks and expose the critical Application Programming Interfaces (APIs) to unintended software. It’s possible this may cause the entire network to go down. The centralization of network control makes the controller a bottleneck for the whole of the network due to saturation attacks. Given that most of the network functions can be performed as SDN applications, malicious applications, if given access, can spread chaos across the network.
While NFV is incredibly important for future communication networks, it has some fundamental security challenges like conﬁdentiality, integrity, and authenticity. The present NFV platforms do not comprehensively cater to security and isolation to virtualized telecommunication services. One of the critical challenges persistent to the usage of NFV in mobile networks is the dynamic nature of Virtual Network Functions (VNFs)that leads to conﬁguration errors and thus security lapses. However, the more significant challenge that needs immediate attention is that the entire network can be compromised if the hypervisor is hijacked.
Challenges in Communication Channels
5G will enable more complex ecosystems, for instance, including drones and air traffic control, cloud-driven virtual reality, autonomous vehicles, augmented reality, smart factories, cloud-driven robots, transportation, and telemedicine. These kinds of applications need secure communication systems that facilitate more frequent authentication and exchange of more sensitive data. Additionally, several new players, like public service providers, MNOs, and cloud operators, will engage with these services.
Before the emergence of 5G networks, mobile networks owned dedicated communication channels based on GTP and IPsec tunnels. The communication interfaces like X2, S1, S6, S7, which are only utilized in these mobile networks, demand a remarkable level of expertise to attack. However, SDN-based 5G networks won’t have dedicated interfaces like these. Instead they will have common SDN interfaces. The openness of these interfaces could escalate the possible number of attackers. In the present SDN system, the channels are safeguarded using TLS (Transport Layer Security)/ SSL (Secure Sockets Layer) sessions. However, TLS/SSL sessions are known to be susceptible to IP layer attacks, SDN Scanner attacks, and often lack robust authentication mechanisms.
From the customer’s perspective, substantial privacy concerns could arise focused on their data, location, and identity. It’s true that application developers or companies seldom state how the data is stored and for what purposes it will be utilized. Cyber threats like semantic information attacks, timing attacks, and boundary attacks chiefly hit the subscribers’ location privacy. At the physical layer level, location privacy could possibly be compromised by access point selection algorithms in 5G mobile networks. International Mobile Subscriber Identity (IMSI) catching attacks can be leveraged to disclose a subscriber’s identity by capturing the IMSI of the subscriber’s User Equipment (UE). These sorts of cyber-attacks can also be carried out by setting up a fake base station.
Furthermore, 5G networks also encourage the growth of various players like network infrastructure providers, Virtual MNOs, and Communication Service Providers (CSPs). All these players are likely to have different priorities for security and privacy. The mismatch of privacy policies among these players is sure to be a concern in the 5G network. In previous generations, mobile operators possessed direct access and control of all the system components. However, 5G mobile operators will lose the systems’ full control as they may come to depend on new players like the CSPs. Thus, 5G operators could be deprived of the full governance of security and privacy. The norm is that user and data privacy are challenged more in environments where the same infrastructure is shared among various players, for example, VMNOs and other competitors.
Moreover, the 5G network doesn’t have many physical boundaries as it utilizes cloud-based data storage and NFV. Thus, 5G operators may have less direct control of the data storage in cloud environments. As different service providers, companies, and even countries have different data privacy mechanisms depending upon their preferred context, privacy could be at risk depending on location.
Challenges in Mobile Cloud
Because the cloud computing systems contain various resources shared internally amongst users, there is the possibility of a user spreading malicious traffic to pull down the performance of the entire system, consume more resources, or secretly access resources of other users. Likewise, in multi-tenant cloud networks, where tenants manage their own control logic, interactions can trigger conﬂicts in the network conﬁgurations. Mobile Cloud Computing (MCC) transfers the concepts of cloud computing into the 5G ecosystems. This could introduce several security vulnerabilities that could surface with the architectural and infrastructural modiﬁcations in 5G. The open architecture of Mobile Cloud Computing and the versatility of mobile terminals develop loopholes via which cyber attackers could launch threats and breach privacy in mobile clouds.
MCC threats can be classified as front-end, back-end, and network-based mobile security threats. The front-end of the MCC architecture refers to the client platform, which comprises the mobile terminal on which the applications and interfaces needed to access the cloud facilities operate. The threat landscape in this part may range from physical threats, where mobile devices and other integrated hardware components are primary targets, to application-based risks, where malware, spyware, and other malicious software are leveraged by attackers to disturb user applications or gather critical user information. The back-end platform comprises the cloud servers, data storage systems, virtual machines, hypervisor, and protocols needed to facilitate cloud services. On this platform, security threats chiefly target mobile cloud servers. Network-based mobile security threats are aimed towards the Radio Access Technologies (RATs) that interface mobile devices to the cloud. Cyber-attacks in this group include Wi-Fi snifﬁng, DoS attacks, and session hijacking.
There’s little doubt that 5G is all set to become the heart of the global digital economy in the upcoming years. While 5G will undoubtedly bring in business benefits, only meticulous planning and preparation can nullify the potential security challenges. It’s true that comprehensive security protocols and standards are only evolving in the space. That apart, as technologies like IoT evolve, even more complexities are likely to be unearthed. Touching upon those may be beyond the ambit of this blog but stay tuned for more on that important aspect.
In essence, it would seem that over-committing on security could become a critical aspect of a successful 5G service strategy. That could be the most crucial component of the 5G story.