5G Security Vulnerabilities Concern Mobile Operators

As 5G private networks become more widely available in the next years, security may become a major concern for businesses. According to a report presented at the Mobile World Congress on Monday, significant gaps in mobile operators’ security capabilities still prevail. 

According to the GSMA and Trend Micro report, 68 percent of carriers already sell private wireless networks to enterprise customers, with the rest expecting to do so by 2025. However, these may not be ready for prime time in terms of security: For example, 41% of surveyed operators claimed they are having difficulty addressing vulnerabilities connected to 5G network virtualization. 

In addition, 48% of them indicated they don’t have adequate internal knowledge or resources to find and fix security flaws at all. For 39 percent of surveyed operators, a restricted pool of mobile-network security professionals is a contributing cause to the problem. 

As 5G networks are essentially software-defined and virtualized, they are a significant change from previous wireless networks. In 5G, network operations that were previously defined in hardware are transformed into virtual software capabilities that are orchestrated by a flexible software control plane. In 5G, even the radio access network (RAN) air interfaces are software-defined. The concern is that this opens the door for a slew of new exploitable flaws to appear throughout the architecture, in places where they have never been exposed before. 

William Malik, vice president of infrastructure strategies at Trend Micro, told Threatpost, “Because so much of the environment is virtualized, there will be a lot of software creating images and tearing them down – the volume of virtualization is unlike anything we have experienced so far. The risk there is that we do not know how well the software will perform under such huge loads. Every experience with distributed software under load suggests that things will fail, services will drop and any vulnerability will be wide open for exploitation.” 

“Think about the traffic at a major port – much of the work is not done by individuals but by application software coordinated by scheduling and orchestration software. If you can take this over, you can dump containers into Long Beach Harbor, or ship 2,000 pounds of Cream O’ Wheat to your neighbor. In the port of Amsterdam, the bad guys took over the scheduling software and actually had containers full of guns, drugs, and in some cases, criminals delivered without inspection into the port then smuggled onwards throughout Europe,” he added.

Moreover, rather than transmitting all data to the cloud for processing, 5G employs multi-access edge computing (MEC), which implies that data created by endpoints is analyzed, processed, and stored at the network edge. Collecting and processing data closer to the client decreases latency and gives high-bandwidth apps real-time performance, but it also creates a new footprint to secure, with new data pools distributed over the network. 

Malik added further, “We’re focusing on corporate 5G implementations, generally called NPN – non-public networks. In these environments the 5G signal is restricted to a specific area – a port, a distribution center, a manufacturing facility – so we don’t have random devices connecting, and every application and device can be authenticated (note that this is not an architectural requirement but it is a really good idea). Even with that, the 5G network will be a very efficient way to move data around the site, so if malware gets into something, it will spread fast.” 

According to the survey, MEC is a crucial part of half (51%) of the operators’ plan for serving enterprises’ private network demands in the next two years. Only 18% of the operators polled that they provide security for both the edge and endpoints. 

“The bad guys will try to take over the 5G network by either sneaking some rogue software into the mix, using a supply-chain attack like SolarWinds; or sneaking past authentication to launch their own processes that can crypto mine (steal resources), exfiltrate data, or initiate a ransomware attack,” Malik predicted. 

Even though security skills are currently lacking, nearly half of the operators polled (45%) believe it is essential to invest in security to meet their long-term enterprise revenue targets – compared to only 22% in 2020. 

Due to COVID-19, 44 percent of operators have observed a spike in demand for security services from their enterprise clients, and 77 percent of operators see security as major income potential, with 20 percent of 5G revenue expected to come from security add-on services. 

The 3GPP, which is in charge of wireless network specifications, has included various security features in the 5G specification. 

According to Malik, certain security practices must be implemented: 

-employ technologies to detect activities that are malfunctioning like a process that starts encrypting everything it can touch. 

-take frequent backups and double-check that they are valid to aid recovery from an assault. 

-purchase technology from reputable sources and make use of reliable integrators to hook things up. 

Malik told Threatpost, “Best practices for securing these NPN environments would include authenticating everything and everyone – that’s the idea behind zero trust. You have to prove you are who you say you are before you can do anything on the network.”