The non-standalone 5G networks currently run by mobile operators are at risk of cyberattack due to well-documented vulnerabilities in industry standard protocols, but the migration to standalone infrastructure will bring its own set of security issues.
The stack of technologies that 5G uses could allow attacks aimed at operator networks as well as subscribers, launched from international roaming networks, operator networks or even partner networks providing access to services, Positive Technologies noted in a new report.
Positive researchers pointed to multiple potential vulnerabilities – like denial of service and traffic redirection – in the packet forwarding control protocol (PFCP) used for subscriber connections, as well as flaws in the HTTP/2 protocol that would allow attackers to obtain NF profiles and impersonate network services.
AT&T Cybersecurity advises organizations planning to embrace 5G to identify those areas of security that need immediate attention, and the security assets already in place that can be used to secure the migration and adoption of 5G.
While organizations see 5G as the gateway to new service offerings, digital transformation and increased efficiencies – investing nearly 25 percent of their budgets on it – fewer than 10 percent feel their security postures are sufficiently bolstered to accommodate its rollout, according to a survey from AT&T.
"One of the biggest surprises found in the survey is the disconnect between nearly half of the businesses surveyed seeing no change to their cybersecurity infrastructure is needed, while the other half believe 5G has the potential to pose an elevated security threat, partly because there are more vectors through which adversaries can attack," said Theresa Lanowitz, head of evangelism at AT&T Cybersecurity.
Topping the list of 5G security challenges are data privacy, security of data accessed by mobile endpoints, crafting more robust security policies around 5G and a greater opportunity for DDoS attacks. Securing mobile endpoints likely will grow even more challenging as the number of IoT connected devices grow. The report pointed out that most organizations currently accommodate fewer than 10,000 of those devices today, but that number is expected to increase 50 percent to 70 percent in the next 18 to 36 months.
"Cybercriminals will benefit from the connected device explosion, the increased speed, and lower latency as well, potentially compromising machines (zombies) to proliferate botnets," Lanowitz explained.
In addition to protecting mobile endpoints is safeguarding apps. "Moving the data processing closer to the use case application allows for near real-time, AI-enabled processing and decision making," said Lanowitz.
Noting that it comes with "risk of older-style threats such as SQL injection attacks, unencrypted data traveling along private networks that may or may not have malware-sniffing apps looking at the data, and other potential security threats," she said that 83 percent of respondents recognize that "web-based apps will be a challenge when implementing 5G.
AT&T researchers also note that zero trust is gaining ground – 31 percent of those surveyed have already completed zero trust implementation while 35 percent are in the midst of implementation. Another 25 percent are researching the approach.
"How 5G and the edge are secured will ultimately come down to an organization’s unique 5G and edge use case and site type, including the architectures and which and where data is consumed, input, accessed, stored, and transported," said Lanowitz.
The report called “5G security a team sport,” with stakeholders from internal network and security teams working in concert with 5G manufacturers, network security providers and security consultancies.
"Organizations should understand that cybersecurity for 5G is a shared responsibility – they are responsible for what they connect to the network," said Lanowitz, pointing to the shared responsibility found in cloud security. "Through a shared responsibility model, 5G carriers and cloud service providers are responsible for the network and cloud infrastructure, and the enterprise must provide for the security of its own devices and endpoints as well as the data within."
To bolster their 5G security postures, Lanowitz advises organizations to take a few steps to get started:
● Prioritize DDoS prevention: Criminal groups often enlist the IoT devices that are fueling so many of the 5G use cases as their “virtual soldiers.” DDoS protections can help absorb cyberattacks and provide the resilience needed to keep fulfilling IoT core functions.
● Build virtualized security into the network: Virtualized networks can quickly scale up and down and change user policies rapidly within software-defined networks. Because these controls are spun up quickly, virtual security controls can rapidly deploy technologies that will prevent attackers’ lateral movement.
● Consider network segmentation and zero trust: Implementing a zero trust architecture is a key enabler to increase security of most 5G use cases. Additionally, network microsegmentation can slow down possible lateral movement of an attack. The core principle of microsegmentation is that having departments such as accounting and manufacturing on the same network segment unnecessarily widens the risk surface.
● Identify high-value assets: Map out data flows to identify where high-value assets reside. This heightened visibility gives the security team the extra awareness of which assets require higher visibility and monitoring.
