Info Image

Mobile Networks Are Evolving With 5G - And So Are the Security Threats Targeting Them

Mobile Networks Are Evolving With 5G - And So Are the Security Threats Targeting Them Image Credit: cpoungpeth/BigStockPhoto.com

Telecom operators must think again about how best to defend their mobile networks and protect their subscribers, says Dmitry Kurbatov, co-founder and CTO of global mobile telecom security start-up SecurityGen.

Mobile operators today face a growing range of continuously evolving threats. If hackers successfully breach an operator’s network, they can significantly disrupt the delivery of vital services, seriously damage customer relationships and cost the operator millions in lost revenue from fraud or network outages.

Data leakage is a constant concern. Operators are responsible for sending and receiving vast quantities of sensitive customer data on a daily basis. If this data falls into the wrong hands, operators must pay a heavy price: GDPR regulations mean that if a mobile operator in the EU leaks the personal data of its users, they risk a fine of up to EUR 20 million or four percent of their annual revenue.

Fraud continues to be an expensive and ongoing problem for the telecom industry as well. Operator losses due to fraudulent activity currently represent between one and two percent of the industry’s annual revenue.

Network outages also come at a huge cost for mobile operators. The total cost of downtime will vary according to specific circumstances, but will include losses in revenue and lost productivity, plus reputational damage and the cost of any necessary remediation.

These threats mean operators have always needed to be vigilant. But the advent of new technologies including 5G, Virtualization, Cloud, Artificial Intelligence, and the Internet of Things - together with the need for seamless interoperability between existing 2G, 3G and 4G networks - means mobile networks are far more complex than ever before. This in turn increases every network’s attack surface.

Why existing security solutions are no longer fit for purpose for today's mobile networks

As mobile networks become more complex and dynamic, new and serious security challenges have emerged for operators. As a result, current security measures are simply not enough to properly protect networks and subscribers alike from cyber attack.

5G in particular has been developed with improved security protocols than previous network generations. However, along with the complex 5G ecosystem, which presents several pathways for hackers to seek access, because 5G relies on widespread protocols like HTTP/2 and IP, hackers may not need specialist telco knowledge and skills to attack.

The pressure is on operators to continually inspect and assess the security of their networks in order to identify and rectify vulnerabilities. The cost of effective identification and prevention strategy is far less than the cost of fixing an exploited vulnerability after an attacker has wreaked havoc in the network by stealing data, denying service to subscribers, or causing a complete network outage. And has further negative impact in terms of reputational damage and loss of trust among customers.

Unfortunately, there is no one-off patch or solution or technique that operators can deploy to secure their networks. What’s needed instead is automated and frequent inspection and testing that is supported by the latest threat intel and continually updated threat databases.

A proactive, security-by-design approach to telecom security

Safer, more secure mobile networks depend on operators moving away from their current cybersecurity posture and adopting a more proactive approach that views the network as a whole rather than as separate components.

Operators must aim to ensure comprehensive security across all the layers of the 5G rollout process - connections, applications, and devices. More regular inspection of their networks increases the likelihood of early threat detection and allows operators to address and resolve issues before services are affected.

Once detected, threats are prioritised and addressed. Any detected vulnerabilities should be tested and probed to fully account for potential threat level they represent.

This is where a holistic Inspection, Detection, Protection (IDP)-based security approach comes into its own. This approach continuously helps validate efficacy of security controls and ensures a continuous loop of proactive security assessments to help detect attacks across the network core and the expanded 5G ecosystem.

By adopting an in-built defence mechanism that helps prioritise and eliminate identified threats, operators benefit from round-the-clock protection against existing and advanced new security threats to their networks. With this new, all-encompassing approach to network security, operators can stay ahead of attackers, and effectively defend their networks and protect their subscribers on an ongoing basis.

A few basic steps in this direction could be:

1) Assessments

Testing the different elements of the network is the first step. Base stations should all be tested to check the security of the radio and access networks. Likewise, testing of the core network, since it is fully exposed to physical and virtual infrastructure. Infrastructure equipment – both hardware and software – consists of closed-off “black box” solutions, which makes it difficult to uncover possible vulnerabilities contained within them. Testing the MEC elements of the network is also important, as these can lack architectural security.

2) Monitoring

Network-wide security monitoring is integral to supporting a secure environment because it lets the operator see what’s happening inside the network. It provides the all-important visibility to rapidly detect threats as they appear: and to put in place defensive counter measures equally rapidly as well.

3) Protection

There’s no point in creating proactive protection by building borders around the mobile network - the network and the services running over are already exposed. Having visibility over the infrastructure is the only way to enforce control and protection. Mobile operators can do so with patching and verification for access networks: hardening and compliance for virtualization: design review and security requirements for Multi-Access Edge Computing: and traffic filtering and continuous fine-tuning for the core network.

Effective mobile network security is continuous, comprehensive and involves a range of processes – automated security testing: end to end visibility for policy enforcement: and ongoing and iterative security that creates and sustains a trusted and secure network environment.

Author

Dmitry Kurbatov, the CTO and Co-Founder, is a world-renowned telecom security expert with over 15 years of experience in researching 5G, LTE network, SDN/NFV, and IoT. 

A telecom security veteran with a sharp focus on a research-based approach - Dmitry, along with his R&D team, have led several innovative global telecom security deployments. He has spearheaded the development of an automated security analysis system and telecom security research, which includes identifying vulnerabilities in network equipment, errors in data transfer, network design, protection of signalling protocols (SS7, Diameter, GTP), and IoT security. 

Dmitry graduated from Moscow Technological University (MIREA) with a degree in information security of telecommunications systems.

PREVIOUS POST

Push to Eliminate 'Digital Poverty' to Drive Demand for Satellite-Powered Broadband Connectivity Post Pandemic