KIANEWS Security risks in 5G mobile and network
05. 01. 2023 Thursday / By: Robert Denes / The key / Exact time: BST / Print this page
5G is an acronym for the fifth generation of wireless mobile networks. 5G networks will connect billions of devices and the Internet of Things (IoT), leading to use cases such as smart cities, AR/VR on mobile networks, remote medicine and more.
The potential applications are widely believed to be almost limitless. However, the huge potential and almost unlimited connectivity present many challenges, not least security capabilities, which are critical to the success of 5G. The bottom line is that 5G networks are insecure by design.
Companies building private 5G networks must design and deploy appropriate tools to encrypt sensitive message traffic, block IT attacks against x86-based servers, and protect OT protocols and equipment. The US National Security Agency (NSA) has just released a report outlining the cybersecurity threats associated with the fragmentation of mobile broadband 5G networks.
Network slicing allows operators to combine multiple network attributes or components, potentially across multiple carriers, to support specific applications or services for 5G users.
While effective for service delivery, 5G network slicing casts a wide threat net, including potential weaknesses in policy and standards, supply chain and other issues.
"While network slicing is not unique to 5G, it is a critical component as the 5G specifications require network slicing as a core component and therefore require network operators to implement security practices that can mitigate threats like those described in this document." NSA report.
Potential threats include denial of service (DoS), man-in-the-middle (MitM) and configuration attacks, he added.
The NSA, along with the Cybersecurity and Infrastructure Security Agency (CISA), brought together members of the public and private sectors to address the security concerns of 5G slicing. The 5G Cybersecurity Report examines the role architecture will play in enabling emerging technologies, including autonomous vehicles, and how to ensure this. However, with these additions and changes, new security risks and additional attack surfaces must be addressed.
Increased attack surface: With millions or even billions of connected devices, 5G enables larger and more dangerous attacks. The current and future vulnerabilities of existing Internet infrastructure are only getting worse. The risk of more sophisticated botnets, data breaches and faster data extraction may increase with 5G. More IoT, more problems: IoT devices are inherently insecure; security is often not built in. Every unsecured IoT device on your organization's networks represents another potential loophole for an attacker to expose. Reduced network visibility: With 5G, our networks will only expand and become more usable for mobile users and devices. This means a lot more network traffic to handle. But without a robust wide area network (WAN) security solution such as Secure Access Service Edge (SASE), companies may not be able to gain the visibility into network traffic needed to identify anomalies or attacks. Increased supply chain and software vulnerabilities: Currently and for the foreseeable future, 5G supply chains are limited. Vulnerabilities exist, especially when devices are rushed to market, increasing the potential for faulty and unsafe components. Data collection: This is another big concern for 5G users. Virtually all smartphone apps require users' personal information before or during installation.App and software developers rarely mention how and where this data is stored and what it will be used for. 5G networks have no physical boundaries and use cloud-based data storage. Consequently, 5G providers cannot protect or control user data stored in the cloud environment.
Because different countries have different levels of data protection measures and enforcement, user data protection is a major challenge if and when data is stored in another country's cloud. Compared to traditional mobile networks the 5G also relies more on software, which increases the risk of exploiting the network infrastructure.
Via Link
