A survey from GSMA & Trend Micro shows a worrying lack of security capabilities for private 5G networks (e.g., factories, smart cities, industrial IoT, utilities & more).
As 5G private networks roll out in the coming years, security may be a key issue for enterprises. A survey released at Mobile World Congress on Mon. shows that major gaps persist in security capabilities among mobile operators.
Some 68% of operators already sell private wireless networks to enterprise customers, with the rest planning to do so by 2025, according to the study, from the GSMA & Trend Micro. However, from a security perspective, these may not be ready for prime time: 41% of surveyed operators said they face challenges when it comes to solving vulnerabilities related to 5G’s network virtualisation, for example.
48% of them said they do not have enough internal knowledge or tools to discover & solve security vulnerabilities at all. A contributing factor to the problem is a limited number of mobile-network security experts for 39% of surveyed operators.
5G Networks: Different Architecture, Different Risks
5G networks represent a major change from prior wireless networks in that they are largely software-defined & virtualised. Network functions, historically defined in hardware, become virtual software capabilities in 5G, all organised via a flexible software control plane. Even the air interfaces in the radio access network (RAN) are software-defined in 5G.
The problem is that this raises the possibility for rafts of exploitable vulnerabilities to emerge throughout the architecture in places that were never exposed before.
“Because so much of the environment is virtualised, there will be a lot of software creating images & tearing them down – the volume of virtualisation is unlike anything we have experienced so far,” William Malik, VP of Infrastructure Strategies at Trend Micro, explained.
“The risk there is that we do not know how well the software will perform under such huge loads. Every experience with distributed software under load suggests that things will fail, services will drop & any vulnerability will be wide open for exploitation.”
The stakes are higher, too. When it comes to 5G, it’s faster & has lower latency than earlier generations of wireless networks & will support a range of next-gen applications, including smart-factory installations, smart cities, autonomous vehicles, tele-surgery, advanced data analytics & artificial intelligence, among others.
Variety of Settings
As such, 5G private networks will roll out in a variety of settings, including factories, where they will connect sensors & a range of industrial internet of things (IoT) devices; hospital & educational campuses; stadiums; industrial locations such as mines, ports & oil rigs; & to support public-safety applications.
“These networks will manage complex factories, distribution centre & logistics operations,” stated Malik.
“Think about the traffic at a major port – much of the work is not done by individuals but by application software coordinated by scheduling & orchestration software. If you can take this over, you can dump containers into Long Beach Harbour, or ship 2,000 pounds of Cream O’ Wheat to your neighbour.
Port of Amsterdam
In the port of Amsterdam, the ‘bad guys’ took over the scheduling software & actually had containers full of guns, drugs, & in some cases criminals, delivered without inspection into the port then smuggled onwards throughout Europe.”
Instead of sending all data to a cloud for processing, 5G uses multi-access edge computing (MEC), which means that the network edge analyses, processes & stores the data generated from endpoints.
Collecting & processing data closer to the customer reduces latency & brings real-time performance to high-bandwidth applications, but it also presents a new footprint to secure, with new data pools scattered around the network.
“We’re focusing on corporate 5G implementations, generally called NPN – non-public networks. In these environments the 5G signal is restricted to a specific area – a port, a distribution centre, a manufacturing facility – so we do not have random devices connecting, & every application and device can be authenticated (note that this is not an architectural requirement, but it is a really good idea),” Malik observed.
“Even with that, the 5G network will be a very efficient way to move data around the site, so if malware gets into something, it will spread fast.”
The survey found that half (51%) of the operators reported that MEC is a key part of their strategy for addressing enterprises’ private network needs within the next 2 years. Yet only 18% of surveyed operators offer security for both the edge & endpoints.
“Operators are committed to security, aware that the combination of cloud, data & IoT threats means that cyber-risks are far greater in the 5G era,” outlined Sylwia Kechiche, Principal IoT Analyst for GSMA intelligence, in a media statement. “Yet our new research with GSMA reveals a concerning lack of tools & knowledge inside these organisations.”
Best Practices – 5G Private Network Security
“The bad guys will try to take over the 5G network by either sneaking some rogue software into the mix, using a supply-chain attack like SolarWinds; or bypassing authentication to launch their own processes that can crypto mine (stealing resources), exfiltrate data or set off a ransomware attack,” Malik explained.
Even though security capabilities are lagging for now, nearly half (45%) of operators in the survey stated they consider it extremely important to invest in security to achieve their long-term enterprise revenue goals – compared with just 22% in 2020.
Growth in Demand
A full 44% of operators said they have seen increased growth in demand for security services from their enterprise clients due to COVID-19, while 77% of operators look to security as a top opportunity for revenue generation, forecasting that 20% of 5G revenue will come from security add-on services.
The 3GPP, the standards body in charge of wireless network specifications, has built some security controls into the 5G spec.
There’s more that carriers can do, however, to help differentiate their offerings, according to Malik.
“Best practices for securing these NPN environments would include authenticating everything & everyone – that’s the idea behind zero trust,” Malik advised. “You have to prove you are who you say you are before you can do anything on the network.”
Audit Message Traffic
It is also a good idea to log & audit message traffic & to use tools to note when lots of data seems to be flowing where it should not, he added.
“Also, use tools to detect processes that are misbehaving – like a process that starts encrypting everything it can touch,” according to Malik. “To help recover from an attack, take frequent backups & make sure they are valid. Also, buy technology from trusted vendors & use reliable integrators to hook things up.”