Many countries are investing seriously in their 5G network, especially in Asia – China leading the way. But beware: more connectivity through 5G networks also comes with increased cybersecurity threats. As new technology links both the physical (OT) and virtual world (IT), 5G security risks will have wide security impacts. To overcome these security challenges, researchers need to build security regimes that protect not only 5G infrastructure and services, but the applications and IoT devices that run across 5G systems.
Technology of the future – There is no question 5G technology will be essential to transform our way of living in the modern era, from dawn to dusk. An AI system attached to a smart refrigerator will collect users’ data. It will automatically monitor available grocery supplies, order, make an automatic payment, and get foods delivered directly to customers’ doorsteps. 5G-connected autonomous vehicles will take passengers to their destination and pay toll automatically. The ‘smart’ office system will enable people to collaborate with colleagues and machines from all over the world.[1] Nice, huh?
The development of 5G networks is not limited to smart home and smart offices, but also be useful for large scale industries and the development of infrastructures as parts of smart economy and smart cities. The development of 5G therefore becomes the goal of increasing the competitiveness of many international economies.
5G networks and cyber risks - The shadow issue of 5G network technology is undoubtedly the escalated risks for cyberattacks. Although 5G is susceptible to many of the same cybersecurity risks found in today’s existing telecommunications and enterprise networks, it is also subject to new avenues of attack against core network services due to a more complex ecosystem of technologies and operations. The cybersecurity issue becomes even more critical, given the current importance of technology on human life during the COVID-19 pandemic.
In general, there are three main reasons why 5G systems are sensitive to cybersecurity risks. 5G connects the virtual and real worlds: 5G is based on decomposed, virtualized, and distributed network functions. This type of convergence both exposes new points of cyberattack and leads to challenges in cybersecurity management. Also, the connection of virtual and real worlds by 5G means that if a particular network infrastructure is compromised, the consequence will not only be limited in the digital world. Yet cyber attackers can target connected physical devices such as sensors and cameras and enable them to be taken over and used for distributed denial-of-service (DDoS) attacks.
5G is linked through an Application Programming Interface (APIs): 5G leverages APIs to enable communications between service functions. Insecure APIs can expose core services to attack and place the entire 5G network at risk. The examples of SolarWinds, NotPetya and CCleaner clearly show that an attack on a single API could jeopardize an entire infrastructure.
5G is linked with enterprise, industrial and IoT services: As 5G expands to include advanced enterprise, industrial, and IoT use cases, breaches can put critical infrastructure services at greater risk. The more complex 5G networks, makes it a bigger target for hackers. Therefore, the impact of 5G cyber risks will not be limited to networks providers and users - but also much larger systems.
5G cybersecurity policy going forward - To make the most of this technology, policy makers should work with the private sector to implement effective 5G prevention and control measures. First, to build a safe and secure 5G networks, governments have to adopt zero-trust frameworks. A cybersecurity system using this framework has four characteristics: 1.) limiting access to all interactions, 2.) regulating all interactions, 3.) partitioning assets through small segments, and 4.) regularly monitoring security systems. The end-to-end protecting and monitoring mechanisms of the zero-trust framework will ensure that every activity on the 5G network is secure.
Second, both government and private authorities have to verify the security of their supply chain. Recent examples of major cyber-attacks, including Solarware attack, show that supply chains are the primary target of hackers. Therefore, leveraging trustworthy components and vendors is the foundation for 5G cybersecurity. This is very important. Regulators need to continuously monitor how 5G vendors secure their corporate environments from being attacked, which is not an easy task. Governments have to look at the way 5G vendors protect their entire supply chains: from development to delivery to implementation.
Finally, cybersecurity policies must focus on ‘preventive’ security controls and periodically monitor and respond to actions. Machine learning capabilities and AI are going to be essential tools that help regulators monitor the security system and prevent potential cyberattacks. Regulators additionally should also focus on monitoring physical devices that are connected to 5G networks. To monitor these devices, regulators should consider adopting a Manufacturer Usage Descriptions (MUD) policy.[2] Under this framework, manufacturers need to embed certificates to identify the class and model of all IoT devices.
A secured 5G network will not only benefit vendors and service providers, but also build consumer confidence. So being a 5G leader is not limited to the ability to implement nation-wide network capabilities, but also the effectiveness of its cybersecurity ecosystem.
Red Sky Alliance has been has analyzing and documenting these type of cyber threats for 9 years and maintains a resource library of malware and cyber actor reports available at https://redskyalliance.org at no charge. Many past tactics are often dusted off and reused in current malicious campaigns. Red Sky Alliance can provide actionable cyber intelligence and weekly black-lists to help protect your network.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
[1] https://www.cpomagazine.com/cyber-security/overcoming-cyber-threats-in-a-5g-world/
[2] Manufacturer Usage Description (MUD) is an embedded software standard defined by the IETF that allows IoT Device makers to advertise device specifications, including the intended communication patterns for their device when it connects to the network.
Comments