Table of contents
- What Is the Difference Between IoT and OT Security?
-
What Is the Purdue Model for ICS Security? | A Guide to PERA
- How does the Purdue Model for ICS Security work?
- What are the Purdue Model layers?
- What are industrial control systems?
- What are the main ICS architecture security challenges?
- What kinds of cyberthreats commonly impact ICS?
- What is the history of the Purdue Model?
- Examining the Purdue Model’s role in modern ICS security
- Purdue Model for ICS Security FAQs
- What is OT security?
-
What Is IT/OT Convergence?
- What Is OT?
- What Is the Difference Between IT and OT?
- How and Why IT and OT Are Converging
- Types of IT/OT Convergence
- The Role of IoT and IIoT in IT/OT Convergence
- IT/OT Security Convergence
- Impacts of IT/OT Convergence on ICS Security
- IT/OT Convergence Benefits
- IT/OT Convergence Challenges
- IT/OT Convergence Use Cases and Examples
- IT/OT Convergence Best Practices
- IT/OT Convergence FAQs
-
What is IoT Security?
- What Is Internet of Medical Things (IoMT) Security?
-
What Is ICS Security? | Industrial Control Systems Security
- What is an ICS?
- Why is ICS security important?
- How does ICS security work?
- What is the role of IT/OT convergence in ICS security?
- What kinds of cyberthreats commonly impact ICSs?
- What are the main ICS security challenges?
- What are the primary ICS protocols?
- How to achieve ICS security step-by-step
- 10 ICS security best practices
- What are the primary ICS security frameworks, standards, and regulations?
- What is ICS supply chain security?
- 2025 ICS security market and trends
- What are the different types of industrial control systems?
- What are the components of an industrial control system?
- What are the differences between OT, ICS, SCADA, and DCS?
- How does ICS security compare with OT and SCADA security?
- What is the history of industrial control systems?
- ICS security FAQs
-
What Is Cyber-Physical Systems Security (CPSSEC)? | Overview
- What are examples of cyber-physical systems?
- What is the difference between a cyber-physical system and an Internet of Things (IoT) device?
- Why is cyber-physical system security important?
- What are the common cyber-physical system security challenges?
- What to look for in a CPS protection platform
- Cyber-physical systems security FAQs
- What Is Critical Infrastructure? Why Does Critical Infrastructure Security Matter?
- IT vs. OT Security | What Are the Differences?
- What Are the Differences Between OT, ICS, & SCADA Security?
- What Is the Difference Between IT and OT? | IT vs. OT
-
How to Secure IoT Devices in the Enterprise
-
The Impact of IT-OT Convergence on ICS Security
-
Building Secure Smart Cities in the Age of 5G and IoT
What is 5G security?
3 min. read
Table of contents
5G security is the combined protection for the underlying 5G network infrastructure, traffic traversing it and consumers of the network itself.
5G Security Explained
5G security is the combined physical and cyber protection for the underlying 5G network infrastructure including hardware and software, the traffic traversing it and users of the network. Proper administration and execution of 5G security should produce the following five core properties, which contribute to the trustworthiness of the 5G system:
- Resilience
- Communication security
- Identity management
- Privacy
- Security assurance
As 5G standalone infrastructure is deployed, the understanding of 5G security will continue to evolve. However, it’s important to note that security was built into 5G infrastructure from its inception. The following are some of the features the 3rd Generation Partnership Project (3GPP) has specified in a 5G Standalone Network:
- User traffic integrity protection
- Improved subscriber privacy
- Subscriber identity concealment
- Roaming Interface and payload security
- Mutual authentication and encryption of key interfaces
5G security is designed to address the following use case categories:
- Enhanced mobile broadband (eMBB)
- Massive machine-type communication (mMTC)
- Ultra-reliable low-latency communications (URLLC)
When it comes to 5G security, the industry landscape can be segmented into three different consideration areas:
- Carrier networks
- Private 5G networks
- Hybrid 5G networks
While each brings about distinctive security implications, the common denominator is the fundamentally different design of 5G compared to its predecessors. Specifically, previous generations of wireless network technology required enterprises to purchase complete solutions from mobile network operators (MNOs), including hardware.
The network was self-contained, while trust and risk were delegated to the vendor supplying the equipment. 5G network infrastructure and backbones are being built on cloud-based infrastructure, much the same way as web applications running in microservices.
The concept of Open RAN (radio access network) and open environments are significant markers that differentiate 5G from 4G networks. These were proprietary previously. Open RAN is a shift in mobile network architectures, which allow service providers to use nonproprietary subcomponents from multiple vendors.
More standard interfaces, interoperability and openness are driven by the cloud-native architecture of 5G. The change is allowing the telco industry to take advantage of capabilities like microservices or building highly scalable applications specifically for 5G. Given that 5G networks are built in a cloud-native fashion, power and agility are major benefits. However, not without cloud-native security vulnerabilities; a threat profile MNOs have not dealt with historically.
5G standalone networks remain in the rollout process, with complete deployment slated for the end of 2023. Consequently, advanced benefits and use cases like edge computing, low latency, autonomous vehicles or smart cities await. In the meantime, 5G signifies the commencement of a new era in network security.
5G Security Architecture
The security architecture of 5G relies on advanced technologies such as network slicing, virtualization and cloud-based resources. These technologies allow enterprises to take advantage of major performance benefits. However, such changes also introduce new considerations with respect to security.
Mobile Protocol-Level Security
To understand mobile protocol-level security for 5G, it’s important to first understand 3GPP (the 3rd Generation Partnership Project). 3GPP is the body that standardizes mobile protocols. 3GPP’s 5G standards provide security mechanisms based on well-proven 4G security mechanisms. They also incorporate new enhancements for encryption, authentication and user privacy.
Specifically, the main enhancements in the 3GPP 5G security standard include:
- New authentication framework
- Enhanced subscriber privacy
- Service-based architecture and interconnect security
- Integrity protection of the user plane
Infrastructure/Cloud Infrastructure Security
Infrastructure and/or cloud infrastructure security encompasses how 5G protocols are implemented as a system. Consider DISH Network. Dish is building the first 5G cloud-native network entirely on AWS (with the exception of minimal components on the radio access network). In such an environment, simply enhancing mobile protocol security will not protect the cloud network functions. Therefore, enterprises pursuing such deployments must also ensure sufficient cloud security.
- NVFI (network function virtualization; virtualized or cloud-native)
- Distributed clouds and edge computing
- Appliance-based functions
- Interconnect
- Mobile edge computing
- Software-defined networking (SDN)
- Network slicing
Network slicing divides an underlying physical network infrastructure into a set of logically isolated, self-contained, independent and secured virtual networks. It's an important feature of a 5G network and targets diverse services with distinct requirements for reliability, high speeds and latency. At a high level, a network slice can be thought of as an implementation of a VLAN across a mobile network.
End-to-end network slicing allows for enterprise security to be provided on a given slice. However, as more end-to-end network slices are portioned out, the number of attack vectors will potentially increase. Network slices can be vulnerable to denial-of-service (DoS) attacks if security features that detect anomalous behavior are not implemented.
It’s essential for organizations that utilize 5G in the future to establish security for:
- Network infrastructure
- Network traffic
- Consumers of the network itself
Secure access service edge (SASE) can be combined with 5G network slicing to ensure aggressive SLAs.
Network Traffic
- Network level
- Application-level security
- Endpoints
- Internet of things (IoT devices)
Traditionally, telcos haven’t been focused on network traffic. The purpose was to transport network bits more so than to know their contents. With the advent of 5G, this paradigm is changing. When 5G functions to supplant Wi-Fi, or as an adjunct, the security of the traffic traversing the network is very much a concern.
5G Security Risks and Challenges
Improvements have been made to 5G infrastructure compared to previous wireless iterations. However, the implementation of 5G networks introduces a different array of potential security threats.
Side-channel attacks
While 5G protocols can’t be subverted easily, there are other ways 5G networks can be compromised. Side-channel attacks are positioned as a significant threat. Side-channel attacks are implemented by exploiting the underlying infrastructure supporting the network (figure 4).
This attack method was historically difficult to execute. Today, it is becoming more common due to technology advancements, which have afforded malicious actors a deeper understanding of targeted systems. It is reasonably achievable for a bad actor to find a misconfiguration in a cloud computing environment. They can then subvert a virtual machine or container, rather than attacking a 5G protocol directly.
Lack of Visibility and Security Controls
5G networks require all the visibility and security controls of a traditional Wi-Fi network. Established security technologies are being introduced into private 5G networks for the same level of visibility and control the world expects from enterprise networks. Fortunately, these are problems the network security industry is highly experienced with solving.
Increased Attack Surface
Telco networks have never been built on cloud infrastructure using application-level technologies until the entry of 5G. Today, 5G networks are being built upon technologies not unlike the architecture one might find beneath popular consumer services, such as Netflix, for example. The consequence is a much larger attack surface. As networks become more open, flexible and equipped to support modern applications, they also become more vulnerable.
Connected Devices
5G technologies enable greater capacity for billions of devices, which certainly opens the door for innovation and new capabilities. However, without reliable controls in place, bad actors can use encrypted channels across networks, not to mention encrypted malware.
Consider a private 5G environment in an enterprise. If a 5G environment is being used to supplant a Wi-Fi network, the network itself is likely encrypted. However, it doesn't necessarily prevent malicious endpoints from joining it. Thus, if a network device is compromised with a network layer exploit, bad actors could gain unauthorized access to the 5G network.
5G Security FAQs
The White House developed the National Strategy to Secure 5G in March 2022. The National Strategy to Secure 5G expands on the National Cyber Strategy.
CISA, the lead federal agency for cybersecurity, is assisting with the rollout of this critical infrastructure. In doing so, CISA will be applying four Lines of Effort as notated in the National Strategy to Secure 5G:
- Facilitate Domestic 5G Rollout
- Assess Risks to and Identify Core Security Principles of 5G Infrastructure
- Address Risks to United States Economic and National Security During Development and Deployment of 5G Infrastructure Worldwide and,
- Promote Responsible Global Development and Deployment of 5G
Security improvements have been made to 5G infrastructure compared to previous wireless iterations. For example, network slicing divides an underlying physical network infrastructure into a set of logically isolated, self-contained, independent and secured virtual networks. On the other hand, such infrastructure changes also introduce new considerations with respect to security.
The implementation of 5G networks introduces a different array of potential security threats. These include but are not limited to side-channel attacks, lack of visibility and security controls, increased attack surface, and connected devices. However, 5G security architecture incorporates new enhancements for encryption, authentication and user privacy.
