5G networks are the talk of the mobile world, with a few test markets already available in the US and the UK. The launch of 5G networks marks a sea change in greater global connectivity and a radical departure from the traditional network connectivity of the past. It also opens up a range of urgent cybersecurity issues that will require a new approach by mobile network operators (MNOs). The central challenge is the exponential growth of the attack surface as IoT devices and mobile edge-based computing expand on a scale never previously seen.
MNOs face significant cybersecurity challenges with the launch of 5G
5G networks use novel technological concepts to meet the requirements of both broadband access everywhere and ultra-reliable and affordable connectivity to a huge number of IoT devices. To enable this change, MNOs will largely turn to advanced technologies, such as software-defined networking (SDN) and network functions virtualization (NFV), both of which leverage advances in cloud computing such as mobile edge computing (MEC). SDN and NFV technologies, however, present their own cybersecurity issues.
SDN, for instance, will likely be the go-to method for enabling programmability so that most network functions can be implemented as SDN applications. However, if malicious applications are granted access, or critical application programming interfaces are exposed to unintended software, havoc can be spread across the network.
The dynamic nature of NFV can also lead to configuration errors, which in turn create security vulnerabilities. Specifically, VNFs are vulnerable to typical cyber-attacks such as spoofing, sniffing and DDoS (Distributed Denial of Service). A VNF can be exploited by virtualization-specific threats, such as side-channel attacks, flooding attacks, and hypervisor hijacking. Malware injection and virtual machine migration-related attacks, as well as cloud-specific attacks, are also likely.
Billions of devices pose enormous risks
Mobile edge computing extends cloud computing capabilities to the edge of mobile networks, however, the level of protection that can be deployed at edge hosts is comparatively low to what is deployed in traditional large data centers. For this reason, the greatest danger posed by 5G comes from the billions of IoT devices - from smart homes to cars, cities and more - which are currently connected and the billions more that will be. Research firm, Gartner forecasts that by 2020, “there will be 20 billion connected IoT devices globally”, and further, that “more than 25% of identified attacks in enterprises will involve the IoT, although the IoT will account for less than 10% of IT security budgets.”
Vulnerabilities are well-known in IoT devices. Many still use encryption keys over insecure channels, an innumerable amount of IoT devices lack basic cryptographic protection, and still, others have no security built-in whatsoever. There is a real danger that these flaws will be exploited to launch DDoS attacks against 5G network infrastructure. The huge number of connected IoT devices could also cause flash network traffic in the case of uncontrolled and compromised devices, and these large device environments also pose a significant risk to the 5G signaling network.
5G cybersecurity must start at the distributed edge
Addressing the challenges in 5G will require fundamental shifts in how MNOs think about networking and security. Security will need to be edge-to-edge - from the IoT edge, across the core enterprise network and out to branch offices and multiple public clouds. To do this, everything connected to the enterprise ecosystem needs to be identified and its state of security or vulnerability, identified. Following this, all requests for access to network resources will also need to be verified, validated and authenticated.
The cyber risks are so immense and considerable, we simply cannot ignore them. The danger of financial loss, disruption or damage to the reputation of an organization from some sort of 5G network cybersecurity failure will be systemic and immediate.
Today, exposure to cyber risk continues to build throughout systems, as companies deploy more products without appropriate cyber risk practices in place. 5G is like going from fireworks to dynamite sticks and all of the good news and bad news that comes along with this technology will be magnified. DDoS attacks, for example, could become far more powerful than we have ever seen.
Protection begins at the IoT gateway
The Mirai IoT botnet revealed just how much damage can be done by exploiting vulnerable IoT devices. Services delivered by Dyn Corp were crippled and the fact that major sites such as Amazon were taken down further demonstrated the level of collateral damage. Mirai was also used to launch multiple attacks against Lonestar, Liberia’s largest operator, while a Mirai variant brought Deutsche Telekom to its knees. These events were significant, but they could become mere blips when compared to the potential of 5G IoT driven attacks.
There is a need to address security issues around SDN and NFV, but first and foremost the most pressing priority is the need to secure IoT devices at the distributed edge. The consequences of not doing so have the potential to be calamitous. Protection should begin at the IoT gateway with a comprehensive set of IoT-related threat detection and mitigation features across both fixed and mobile broadband networks.
Security measures need to be deployed across any computing platform ranging from bare metal to a fully virtualized NFV, enabling MNOs to have flexible deployment options across their network infrastructures. A network-based IoT cybersecurity platform designed for the modern mobile network architecture is essential to ensure 5G networks securely fulfill their transformative promises.
