Locking down 5G
- By Stephanie Kanowitz
- Aug 03, 2020
Just as 5G wireless technology promises to be a significant technological and societal disruptor, it also opens the potential for new cybersecurity challenges, a new report states.
Although “proposed 5G architectures are designed to close security gaps from previous iterations of cellular networks … the pervasive nature of 5G introduces new security challenges,” according to “Security Considerations for the 5G Era,” a whitepaper that 5G Americas, a wireless industry trade association, released July 22.
The new technology differs from previous generations. Earlier versions of wireless service were designed to connect people mainly via voice and text, and LTE, or 4G, was designed for connections through the internet. Now, 5G builds on those. It features a disaggregated architecture in which network functions are no longer connected to the underlying hardware and takes advantage of software-defined networking, network function virtualization and the cloud to connect people, services and the internet of things, the paper states.
Each component, however, must have security baked into it. To do that, the paper recommends several strategies.
One is the adoption of open source software because it opens code up for continuous review, while maintaining a “trusted repository” that only certain developers can directly modify. Comprehensive security reviews of open source software should look for publicly known vulnerabilities, use commercial security intelligence and perform static analysis, according to the paper.
Zero-trust security is another strategy that will help secure communications when validation checks are applied to all levels of the stack – hardware, firmware, operating system, network functions and data – and all the elements in a network’s trust chain. With the growth of hybrid cloud networks and the expanding edge complicating security, zero-trust becomes even more important for organizations enforcing geo-location and mutual authentication of entities where virtual network functions are running.
A third strategy is network slicing, or the isolation of the end-to-end performance of one part of a network. With 5G, each network slice can serve one application or a set of applications, creating physical and logical separations, plus traffic and resource isolation. These bolster protection by restricting what a potential attack can affect.
And because 5G supports automation, it enables automated threat intelligence, which is in line with the evolution of threat intelligence from static configuration to reactive protection to predictive protection, the report states. Types of automated threat intelligence include unsupervised and supervised machine learning, behavior analysis, anomaly detection and heuristics analysis.
Lastly, 5G brings with it new protection controls, such as “an improved encryption process which improves anti-tracking and spoofing features, making it difficult to monitor and track connected devices,” the paper states.
“No system is ever 100% perfectly secure but requires constant enhancement and vigilance to stay ahead of the threats,” 5G America’s President Chris Pearson wrote in a blog post. “5G is no different, but even as the challenges increase, the rewards, capabilities, and tools for protection become ever greater.”
Stephanie Kanowitz is a freelance writer based in northern Virginia.