Navigating the advanced threat landscape in the era of 5G
By Amy Lemberger, Cybersecurity Director, GSMA
Why is 5G security different from 4G Security?
To understand why 5G differs from 4G with regard to security we need to reflect on how 4G has impacted society. Launched in 2009, 4G has enabled the ‘always on’ mentality. ‘Apps’ and ‘over the top’ services have become the way we run our lives. As consumers we now expect to do everything online and have little tolerance for services that don’t integrate with our preferred device and virtual personas. This is demonstrated by a study in the UK that showed how people check their phones every 12 minutes . With that in mind the ability to control our devices online was a natural progression, resulting in the expanding Internet of Things (IoT). The growth of the IoT is predicted to continue in 5G with up to 25 billion connections by 2025 . Enterprise reliance on 4G is also prevalent as many organisations cannot survive without the internet, leveraging the plethora of services offered to enrich their business and allowing their employees the opportunity to work anywhere in the world.
Based on our desire to live online the value of the digital world has increased, making it a prime target for attackers. When 4G was deployed the threat landscape wasn’t saturated with fraudsters, cyber warfare nor hackers for hire. These attacks have evolved along with the technologies used within the 4G environment.
Considering this, 5G security must be stronger, faster, and more flexible if it is to protect the way we want to use 5G. 5G will offer scale, speed and new services, each with a new threat landscape to consider. This means the threats must be prevented wherever possible limiting the impact of successful attacks. The controls included in 5G aim to do that.
Essentially, the difference between 4G and 5G security is driven by the way we interact with the service, we live in a different world where the necessity for security is higher and 5G security controls must reflect this.
As the 5G network evolves, what are the key threats MNO’s need to be aware of?
Several technologies are enabled with 5G and the standardised infrastructure provides a way of building future services using industry standard protocols and interfaces. Although the standard infrastructure has developed security controls the deployment of these services will introduce threats that MNO’s need to manage. These include:
- Artificial Intelligence (AI), this technology will act as friend and foe in 5G. Without AI security operations will suffer from increased alarm fatigue ; leading to attackers going unnoticed for longer periods of time. Conversely attackers will be able to add AI technologies to their arsenal. For example polymorphic malware is already used to allow attackers to circumvent anti-virus engines, AI will be used to out manoeuvre other widely understood detection toolsets.
- As the IoT develops so will the number of devices being compromised and added to IoT botnets. These devices can be used to launch DDoS attacks with the aim of taking down networks.
- The network exposure functionality of 5G will be managed via Application Programming Interfaces (API) and if these are not securely managed, throughout their lifecycle, there is the potential for data leakage and network infiltration.
- 5G will be virtualised by default. Network function virtualisation (NFV) will allow services to be isolated from one another. Further virtualisation within the network will allow the tenant to be segregated and controlled via access control and isolation of local services. These combined offer many layers of protection and can limit the spread and impact of a successful attack. These layers of protection are reliant on the service being deployed appropriately.
- Knowing who is in your supply chain is going to be essential as 5G evolves; it will be vast and complex compared to todays. New players and services mean the ability to understand and evaluate the supply chain will be essential. Failure to recognise and appropriately risk assess new players and services will reduce an operator’s ability to protect the overall service.
In essence 5G threats are based on the enablement of technologies and services. MNO’s also inherit the threats from previous generations they will continue to manage. The ever evolving cat and mouse will move to different technologies and services as they are delivered. We must therefore make sure we deliver 5G networks with the most appropriate security controls in the right places to start us off in good stead.
Why is the Mobile 360 – Security for 5G event so important for the industry?
With current expectations and accountability security leaders cannot afford to be complacent with regards to 5G; it is a large scale, industry wide transformation. It impacts more verticals than the mobile generations before and as such leads to new unknowns. Understanding the new challenges, and opportunities, 5G will bring is a major strategic test for all security leaders within the mobile ecosystem.
The GSMA recognise this; and why Mobile 360 – Security for 5G focuses on providing security leaders with information and appropriate resources. The desire is to put their needs front and centre. Providing them with the right environment to learn and collaborate with other security leaders who share a vested interest in 5G.