5G-Enabled Cyberthreats are on the Horizon
Enterprises across industries are planning to roll out 5G private networks. 5G offers speed, capacity, and connectivity as we’ve never experienced before. It has opened up some amazing opportunities for smart cities, autonomous vehicles, factory installations, and telesurgery. But just like any new technology; it presents unknown threats as well.
The question now arises: Are mobile operators and businesses adequately prepared to identify and address 5G-enabled vulnerabilities?
Defending against the unknown is hard. So it’s likely that they aren’t all that prepared yet. The vulnerabilities introduced by 5G networks are going to be very different from what we’ve seen with 4G, and here’s how:
Why 5G is nothing like its predecessors?
5G is significantly different than 3G and 4G in that it utilizes software-defined networking and network functions virtualization (NFV). The traditionally hardware-based network components are now virtualized in the cloud. With the unprecedented volume of virtualization, some things are bound to go wrong. And the explosion of digital connectivity means that the attacks are going to spread fast. The consequences will be grave, and possibly fatal, given the dependence of critical infrastructure on 5G technologies.
Network Virtualization can create rafts of vulnerabilities.
One of the many benefits of network virtualization is that it enables network slicing. Essentially, there are several virtualized network segments, sharing the network-wide resources and dedicated to a specific type of data traffic. Critical services remain segregated from non-essential services. Policies regarding resource allocation and security are enforced accordingly.
On the flip side, the software components of virtualized networks are prone to software vulnerabilities. Also, more network segments mean more entry points for malicious actors. A successful cyberattack on one of the segments can create a ripple effect that can impact other segments as well. For instance, attackers can access a network segment that runs non-critical services and therefore, is not as well protected. They can further escalate the attack from the virtual layer to the physical layer to monopolize the network resources. This will result in fewer resources for the critical services segment.
Not to forget that the attackers will also be leveraging 5G’s blazing speeds and the incredible interconnectivity of IoT devices to further propagate the attacks. DDoS attacks may just become faster and more powerful than ever.
5G Deployments Need Strategic Planning
These threats emphasize the importance of understanding the inherent risks and careful planning when deploying 5G network virtualization. The true value of network segmentation lies in complete isolation. Firewall rules, encryption, and tunneling techniques should be implemented to prevent virtual networks from unauthorized information sharing.
Strategies like resource isolation and enforcing maximum resource allocation for virtual networks based on their distinct priorities can ensure fair resource distribution and prevent resource monopolization. A comprehensive strategy should also address redistribution of idle resources as needed and measures to detect and limit the over-utilization of resources.
Considering the low risk tolerance of 5G-enabled applications, virtual networks need to be resilient. Implementing redundant virtual networks can maintain availability and performance at all times. There should be an active probing process to detect network failures, and data flows should be redirected to the available paths dynamically.
Careful planning and proper implementation are crucial for leveraging virtualization technologies without creating new vulnerabilities and loopholes.
NFV and MEC Broaden the Attack Surface
5G uses MEC or Multi-access Edge Computing to power latency-sensitive and bandwidth-intensive systems like autonomous vehicles, medical robots, and industrial IoT. Instead of a single point of storage, data is distributed across the edge. Imagine if a malicious actor manipulates the data powering self-driving cars or automatic pilot avionics, the damage can be severe.
Overall, the more software components in a network, the more possibilities of finding potential weak points. And with traditionally hardware embedded network functions becoming software-based, there’s so much more room for software vulnerabilities. It can also create very complex supply chains. It’s difficult to manage so many vendors. All it takes is a security flaw in one of the vendor’s environments to launch a supply chain attack whose impact can reach far and wide.
The Future of Security is SASE
The organizational perimeter has become flexible. The employees are no longer inside the office building, and data isn’t consolidated in the data center or the cloud anymore. So the security controls also need to move to where users, data, and devices are. SASE (Secure Access Service Edge), the relatively new security model, seems to be the perfect fit.
SASE is a natural convergence of SD-WAN and security technologies, all delivered through the cloud. It brings security at edge networks, wherever data and users are. It converges security solutions like distributed firewall, ZTNA (Zero Trust Network Access), CASB (Cloud Access Security Broker), and IPS (Intrusion Prevention System) into a single offering that can be managed through a single plane of glass, thus eliminating the need to implement and manage multiple point solutions.
With SASE, security can match the speed and flexibility of 5G networks. It can allow companies to react faster to security incidents and prevent attackers from moving laterally across the network. Essentially, it can mitigate the impact of cyber threats that can otherwise cause massive disruptions in environments depending on the new 5G technologies. As companies plan to embrace 5G networks, they should also plan to move from traditional networking to SASE.
Final Word
5G is set to become the new standard for broadband cellular networks. So it doesn’t come as a surprise that governments and businesses are planning to roll out their 5G plans soon. There’s a lot that mobile operators can do. The government also needs to pass regulations for ensuring the security of 5G infrastructure. But the onus of potential cyberattacks will eventually fall on the organizations. Companies that invest in 5G private networks will have to make sure that their 5G rollout plans are foolproof and their security controls can hold up as well.