5G is presenting new cybersecurity challenges for telcos as well as creating new revenue opportunities. While much of the hype around 5G is focused on consumer applications and content consumption, it is the enterprise market where telcos have the potential to capture exponential growth.
The global 5G services market size is estimated to reach $414.50 billion by 2027 with a CAGR of 43.9% from 2021 to 2027, according to Grand View Research. With the right approach, there is an opportunity to accelerate ROI on their 5G infrastructure deployments, create new value from existing core network assets, and position their businesses at the centre of ICT ecosystem.
The challenge is to provide a secure foundation for 5G and serve growing enterprise demand for security solutions. Telcos that can secure 5G both directly in vertical-focused solutions and help customers to enhance their security posture will go from being network vendors to digital enablers. Building out cybersecurity capabilities is the first step in going beyond being a dumb pipe and enabling new and innovative solutions to be developed.
As more 5G services are rolled out across telco networks, attack surfaces are growing, and solutions are becoming increasingly complex. It is an environment that is more difficult to secure and one that is rapidly expanding. Research firm IDC estimates that 152,200 IoT devices will connect every minute by 2025. Each endpoint is a potential vulnerability across a network and a risk for telcos.
If telcos cannot secure 5G-enabled IoT deployments, then they will likely be left on the side lines as other providers meet the strict requirements of industrial deployments. They need to prevent unauthorized access, secure data transmissions and maintain smooth monitoring of a much larger attack surface.
Limiting 5G risk
Cybersecurity has to be central to the development of 5G-based solutions that target vertical industries like manufacturing, logistics, healthcare, and other sectors. Telcos should take a “security-first” approach to solutions development and recognise that the success of their vertical targeted offerings depends on robust security processes and technologies. They have to address vulnerabilities while continually evolving their security secure postures.
Telcos are being threatened by distributed Denial of Service (DDoS) attacks, ransomware and a growing number of cases of SIM Swap fraud. They need to demonstrate how they can effectively manage today’s risks while speeding up detection and mitigation of modern threats.
- 1. Combating DDoS with machine-based analytics
- Telcos need to proactively stop DDoS attacks from disrupting services, especially when delivering mission-critical industrial IoT solutions. Rapid detection is essential otherwise IoT devices can be overwhelmed, and it can be challenging to redirect or perform black hole routing of DDoS traffic once that occurs.
- The solution is to integrate machine-based analytics that use scenario modelling, behavioral modelling and machine learning. There’s also an opportunity to use a platform that provides automated and continuous analysis and correlation of all activity observed within the environment. Telcos have to be ready to detect DDoS attempts early in the kill chain, before their services are overwhelmed and are taken offline.
- 2. Blocking and isolating ransomware with threat intelligence
- Ransomware can impact any business but telcos are unique in the volumes of data they manage and the value of the data and applications on their 5G networks. Orange, the fourth largest mobile operator in Europe, was a victim of the Netfilim ransomware attack in July 2020, impacting 20 of its enterprise customers.
- Endpoints need to be adequately protected with tools that can automatically detect and respond to infections before they become serious incidents. Telcos must expand their use of threat intelligence to block or at least alert customers to the presence of anomalies associated with ransomware in their network traffic. They should have systems in place that are ready to scale to manage data volumes associated with 5G and detect, shut down and contain suspicious activity.
- 3. Detecting and mitigating SIM jacking
- SIM Swap Fraud has traditionally been used to steal a mobile subscriber’s identity. Hackers have then used the swapped SIM to reroute incoming calls and text messages to the hacker’s device. This can be used to access an individuals’ bank accounts, emails, and social media accounts. There is now growing risk of IoT SIMs being jacked using SIM over the air (OTA) technology and used to propagate malware within an enterprise or simply as wiretaps.
- By ingesting many types of logs that are found within telecoms applications, fraud can be detected and prevented. If a change in address and SIM occurred at around the same time, it is likely to be anomalous behaviour which could potentially lead to a SIM swap fraud.
Security in private 5G networks
The emergence of private 5G networks is no exception. While private 5G offers security benefits, it still is at risk of being attacked. Deloitte has noted, “By 2024, the value of cellular mobile equipment and services for use in private networks will likely add up to tens of billions of dollars annually.” It rightfully points out that “just because a company owns its own network doesn’t mean that data never leaves it.” Data could be processed at the network edge rather than on site increasing vulnerabilities.
Private 5G offers lower-latency, increased application performance and enhanced security but can still fall victim to Denial of Service (DoS), man-in-the-middle attacks, malware, DNS Spoofing, and a range of signal interception. Private 5G deployments may be more difficult to hack but the risks are also higher for the telco. In the case of a Port Authority deploying a private 5G network, any outage or impact on its IoT or Machine Learning platforms could cause massive delays and losses of revenue across the supply chain.
The opportunity for telcos is to offer secure and connected 5G-enabled services. They should be positioned as leaders in integrating and developing solutions that have cybersecurity as a foundation and be security first. This way they can maximise their potential in 5G and capture new growth from vertical-centric solutions.
