A large chunk of the digital economy’s future will depend on the success of 5G wireless services. In turn, 5G’s success will depend in good part on its ability to resist, survive and recover from a variety of traditional cyber-threats and, more chillingly, many new ones arising from 5G networks’ complex architecture. In his presentation titled “5G Security: New Vulnerabilities, New Solutions”, William Malik gave attendees of the 2019 Infosecurity ISACA North America Expo and Conference in New York an overview of the threat environment and of what it is going to take to harden 5G networks against it.
Malik, VP of infrastructure strategies at Trend Micro, explained that, unlike 4G LTE, 5G is specifically architected to support an omnipresent framework for the Internet of Things (IoT) using a so-called “slicing” technique that enables network providers to create virtual end-to-end network services for various types of Machine-to-Machine (M2M) applications. For example, the Ultra-Reliable Low Latency Communication (URLLC) service is intended to provide highly reliable, low-latency connectivity for critical applications including factory automation systems, autonomous vehicles and remote surgery devices. Under this new scheme, each time the network establishes a connection, it will have to refer to the user’s profile to determine which slice to use.
Malik cautioned, however, that the same technologies that give 5G networks these new capabilities also introduce new vulnerabilities at nearly every layer of the network stack.
Another concern is that 5G networks will suffer from additional vulnerabilities because they are expected to supplement a significant fraction of their proprietary core transport infrastructure with the internet itself.
Malik also warned that, despite 5G’s enhanced security measures, smartphones, smart building controllers, and other types of user equipment would still have numerous vulnerabilities.
Whilst Malik’s presentation was primarily intended to sound the alert about 5G security issues, he closed his talk by sharing some of the countermeasures that network equipment providers and security professionals can employ to effectively address them:
- User, device and message authentication
- Message integrity verification
- Data confidentiality when dealing with PII or intellectual property
- Improved logging and diagnostics for virtual environments
- Automated attack remediation
- Pre-launch VM configuration validation and continuous monitoring
- Regulatory QoS, with sanctions for non-compliance