What exactly is 5G security, and why is it essential?
Article by Gigamon A/NZ manager George Tsoukas.
New technology always brings a host of worries about its negative potential, and 5G is no different. Although there are many legitimate 5G security concerns to address and discuss, it’s worth first clarifying the false claim that 5G causes health problems.
It doesn’t — 5G technology is not harmful to humans. With that out of the way, we’ll discuss what 5G is, what security risks it faces, and how experts are working to ensure 5G security.
What Is 5G? 5G stands for the fifth generation of cellular mobile network. In terms of architecture and protocols, the 5G radio access network (RAN) and 5G core are quite different from 4G LTE. For example, the 5G RAN uses new radio frequency (RF) protocols, offers a broader and higher frequency band spectrum, and has an open distributed architecture.
The 5G core differences include:
- SDN with control and user-plane separation (CUPS)
- Disaggregation offering many more discrete control and orchestration functions
- Virtualisation and microservices (that is, containers)
- HTTP/2 (not GTP-C) control plane
- TLS 1.3 encrypted control plane
- Multi-access edge compute (MEC).
These all represent significant changes — and while in some cases they look to help with security, in other cases they open up a potential for more vulnerabilities and even lack of visibility. In addition, the new 5G core is required to help fulfil the expectations that 5G promises; the high-band spectrum alone is not sufficient to fulfil this.
5G is expected to be roughly 100 times faster than the current 4G network, in part because the networks are built on a high-band spectrum, rather than mid-band. This speed boost will bring upgrades to everything from cloud robotics to healthcare.
One major downside of this lower latency network, however, is the range and penetration. The lower power and higher frequency signals don’t travel as far and have a harder time getting through walls, which is why it might take a little longer for 5G to become a standard feature of most mobile device services.
There is a major advantage to this high-band adoption lag, though: experts have more time to find solutions to 5G security concerns.
Many things that make 5G so appealing, like the decreased latency and increased bandwidth, are also threats to security.
Here are some of the most prominent security threats:
New technology – New advances in technology often mean new problems. And given that 5G is not only new but also very different from 4G, this means that while experts can predict some security weaknesses, others may not become apparent until a breach has already occurred.
Increased points of access – 5G allows for more access points. Every additional hardware point of contact creates another potential opening for attackers to access the network. That means all access points will need to be monitored on a physical and digital level.
Internet of Things (IoT) – The speed of 5G lends itself well to use with IoT devices. That said, an increase in connected machines can also mean a rise in 5G security risks. Smaller IoT devices like thermostats often have weaker security, and a breach in one of these devices can mean the entire system is compromised.
Speed – 5G is fast enough to be considered for use in remote surgery and self-driving cars, but that also means it could be harder to track and prevent attacks. At the same time, this critical and sensitive data transmission will require even higher levels of security to avoid breakage in communication, malicious behaviour or snooping/stealing information.
Disaggregated architecture – 5G’s disaggregated architecture means network functions can operate freely from the underlying system hardware, allowing for improved control and visualisation. However, rather than relying on a single, overarching security approach, each of these components will need to have its own security measures ‘baked in’.
Of course, these are just some of the risks to 5G security. Keeping services and connected devices secure is rarely, if ever, a 100% guarantee.
Solutions for 5G security
Although the 5G network poses new and unique threats, there are already ways to help ensure better 5G security:
- Increased defence for individual mobile and IoT devices
- Zero trust combined with a foundation of software security
- End-to-end visibility
- Threat analytics.
For optimal 5G security, networks should be treated as a zero trust environment, where it cannot be taken for granted that connected devices will have sufficient security or vulnerability protection. So the first step should be ensuring adequate visibility across the network with appropriate security monitoring, threat detection, and mitigation processes in place even before devices are connected to the 5G network.
Keeping 5G networks secure will be a group effort, involving network providers, cyber security experts, and customers themselves. As a second line of defence in conjunction with zero trust, a foundation of software security for mobile and IoT devices will need to be developed in tandem with network providers and cybersecurity firms.
Even innocuous IoT devices like smart fridges should be equipped with high-level security. What’s more, precautions should be in place to ensure a breach in lesser IoT machines won’t lead to unauthorised access of sensitive information.
Next, end-to-end visibility is vital for monitoring any system. It’s especially necessary in 5G security, where there are so many access points for malicious actors to target.
This monitoring should extend across all layers of the network, including the physical network cells and data planes. Effective monitoring will also provide vital information for understanding new attacks. Combined with mitigation procedures, this will provide a more effective defence against potential incursions.
Threat analytics is a valuable way to track and even predict attacks. Ideally, these analytics systems would be able to enact preventative measures to stop a breach from occurring. These programs offer vital information in the ongoing process of defending devices on a 5G network.