Different parties, including virtual mobile network operators (VMNOs), communication service providers (CSPs), and network infrastructure suppliers, will all play a crucial role in building, implementing, and supporting 5G networks as telecoms roll out the technology over the world. As opposed to earlier generations, where mobile operators had close proximity to and control over system components, 5G mobile operators are relinquishing full governance of security and privacy. Synchronizing inconsistent rules in 5G networks would be extremely difficult due to the different values that each actor places on security and privacy.
Let’s look at some specific privacy issues in 5G networks and consider some security options in light of this. Let’s first look back in time at the threats that mobile networks have previously faced.
Defining 5G Security and Architecture
Since the technology is still fairly new and developing, the term “5G security” does not yet have an official definition.
Not that there is no 5G security. In reality, when developing and planning 5G, security was one of the top priorities.
We need to approach the topic of 5G security as a balancing act. On the one hand, security was incorporated into 5G from the beginning. However, in addition to the increased bandwidth and speed, a flood of new devices and connections will make security management considerably more challenging.
5G’s primary purpose in existence is to guarantee the dependability of connections. Resilience, identity management, communication security, privacy, and security assurance are listed as the five fundamental elements of 5G security in an Ericsson white paper. The document claims that a collection of security characteristics that were developed utilizing system design principles and a risk-based attitude are what make 5G trustworthy.
What are 5G Security Challenges?
The 5G network has promising future features including decreased latency and increased speeds. These advantages ought to increase the use of modern technologies. The security risks associated with 5G are real, and continued network rollouts increase the possible attack surface. Here are six 5G security challenges and risks that are attracting attention and will probably continue to be a concern.
-
IMSI Catchers Can Still Pose a Risk on the 5G Network
International Mobile Subscriber Identity (IMSI) catchers are shielded from 5G. Hackers, though, can get through those. IMSI catchers can be used by law enforcement to intercept calls and texts.
Germany changed the rules governing the subject in 2021. Communications operators are now required to work together when police deploy IMSI catchers for surveillance, claims Comms Risk. As Germany continues to build out 5G networks, that transition continues to be alarming.
In addition, the continued use of IMSI catchers on the 5G network compromises user privacy. Thankfully, security experts have revealed evidence that the 5G network provides some defense against IMSI catchers, but as Light Reading points out, successful implementation is key.
-
Operator-Dependent 5G Security Features
The 5G network has a number of optional security features. Each communications network provider decides how to use the service.
For more effective threat mitigation, the authors of a 2022 research study suggest using a strategy called Control Risk Correctness (CRC). It helps mobile network operators locate sources of high risk so they can take preventative action there.
The researchers are hoping that their findings will assist telecommunications firms in creating best practices that lessen risks. Attack rates should decline generally if that takes place.
-
Mitigating Threats to 5G Infrastructure
Some folks still have worries despite learning about the benefits of 5G. This unease was only heightened by false information suggesting a connection between COVID-19 and 5G networks.
To halt the rollout of 5G, some people did desperate things. A 5G tower was intentionally set on fire in New South Wales, Australia, according to The Guardian, preventing locals from using their phones. That serves as a clear reminder that 5G security risks extend beyond the internet environment.
Attackers enjoy spreading fear and mayhem. That can be accomplished by interfering with communication towers. Such manipulation puts lives at risk and poses a physical security concern by endangering vital infrastructure.
-
The Dangers of Unauthorized Data Access
Ethical hackers, sometimes referred to as cybersecurity experts, are frequently the first to discover and inform others of issues that could provide hackers access to 5G-connected devices or networks. Many people specifically search for flaws that criminals might exploit and then alert the accountable parties. In this manner, adjustments take place before disasters.
Researchers investigated and provided evidence of 5G security risks related to IoT APIs that could give adversaries access to an IoT device or its data in a case study from 2022. Weak access controls and inadequate authentication techniques were some of the issues, which suggested some room for improvement. Seven out of the nine IoT systems evaluated were impacted by the vulnerabilities found.
-
Communication Providers Ongoing Battle Against Threats
Another worrying problem is that 5G operators have to deal with a very high volume of attacks. A survey of communication service providers conducted by Nokia/GlobalData in November 2022 revealed that within the previous six months, there had been one to six 5G network breaches. That’s worrying, particularly in light of Box’s claim that catastrophic assaults like ransomware are becoming a bigger cybersecurity threat.
A considerable amount of manual work could be automated, according to those surveyed in the Nokia/GlobalData study, who also reported that their security team members spent too much time doing it by hand. Additionally, they lacked much faith in the current security tools.
5G Security Solutions
A thorough strategy is needed to ensure 5G security, including network segmentation to isolate crucial infrastructure, strong encryption protocols to safeguard data in transit, authentication, and access control systems to confirm the identities of users and devices, virtualization and software-defined networking to improve security management, and continuous monitoring with threat intelligence to identify and counter new threats in real-time. The integrity, confidentiality, and accessibility of data and services may be guaranteed by applying these solutions, which can protect 5G networks from possible security risks and online attacks.
