What is 5G security?

Industry Evolution of 5G

When it comes to 5G security, the industry landscape can be segmented into three different consideration areas:

1.   Carrier networks
2.   Private 5G networks
3.   Hybrid 5G networks

While each brings about distinctive security implications, the common denominator is the fundamentally different design of 5G compared to its predecessors. Specifically, previous generations of wireless network technology required enterprises to purchase complete solutions from mobile network operators (MNOs), including hardware.

The network was self-contained, while trust and risk were delegated to the vendor supplying the equipment. 5G network infrastructure and backbones are being built on cloud-based infrastructure, much the same way as web applications running in microservices.

The concept of Open RAN (radio access network) and open environments are significant markers that differentiate 5G from 4G networks. These were proprietary previously. Open RAN is a shift in mobile network architectures, which allow service providers to use nonproprietary subcomponents from multiple vendors.

More standard interfaces, interoperability and openness are driven by the cloud-native architecture of 5G. The change is allowing the telco industry to take advantage of capabilities like microservices or building highly scalable applications specifically for 5G. Given that 5G networks are built in a cloud-native fashion, power and agility are major benefits. However, not without cloud-native security vulnerabilities; a threat profile MNOs have not dealt with historically.

5G standalone networks remain in the rollout process, with complete deployment slated for the end of 2023. Consequently, advanced benefits and use cases like edge computing, low latency, autonomous vehicles or smart cities await. In the meantime, 5G signifies the commencement of a new era in network security.

5G Security Architecture

The security architecture of 5G relies on advanced technologies such as network slicing, virtualization and cloud-based resources. These technologies allow enterprises to take advantage of major performance benefits. However, such changes also introduce new considerations with respect to security.

Mobile Protocol-Level Security

To understand mobile protocol-level security for 5G, it’s important to first understand 3GPP (the 3rd Generation Partnership Project). 3GPP is the body that standardizes mobile protocols. 3GPP’s 5G standards provide security mechanisms based on well-proven 4G security mechanisms. They also incorporate new enhancements for encryption, authentication and user privacy.

Specifically, the main enhancements in the 3GPP 5G security standard include:

• New authentication framework
• Enhanced subscriber privacy
• Service-based architecture and interconnect security
• Integrity protection of the user plane

Infrastructure/Cloud Infrastructure Security

Infrastructure and/or cloud infrastructure security encompasses how 5G protocols are implemented as a system. Consider DISH Network. Dish is building the first 5G cloud-native network entirely on AWS (with the exception of minimal components on the radio access network). In such an environment, simply enhancing mobile protocol security will not protect the cloud network functions. Therefore, enterprises pursuing such deployments must also ensure sufficient cloud security.

• NVFI (network function virtualization; virtualized or cloud-native)
• Distributed clouds and edge computing
• Appliance-based functions
• Interconnect
• Mobile edge computing
• Software-defined networking (SDN)
• Network slicing

Network slicing divides an underlying physical network infrastructure into a set of logically isolated, self-contained, independent and secured virtual networks. It's an important feature of a 5G network and targets diverse services with distinct requirements for reliability, high speeds and latency. At a high level, a network slice can be thought of as an implementation of a VLAN across a mobile network.

End-to-end network slicing allows for enterprise security to be provided on a given slice. However, as more end-to-end network slices are portioned out, the number of attack vectors will potentially increase. Network slices can be vulnerable to denial-of-service (DoS) attacks if security features that detect anomalous behavior are not implemented.

It’s essential for organizations that utilize 5G in the future to establish security for:

• Network infrastructure
• Network traffic
• Consumers of the network itself

Secure access service edge (SASE) can be combined with 5G network slicing to ensure aggressive SLAs.

Network Traffic

• Network level
• Application-level security
• Endpoints
• Internet of things (IoT devices)

Traditionally, telcos haven’t been focused on network traffic. The purpose was to transport network bits more so than to know their contents. With the advent of 5G, this paradigm is changing. When 5G functions to supplant Wi-Fi, or as an adjunct, the security of the traffic traversing the network is very much a concern.

5G Security Risks and Challenges

Improvements have been made to 5G infrastructure compared to previous wireless iterations. However, the implementation of 5G networks introduces a different array of potential security threats.

Side-channel attacks

While 5G protocols can’t be subverted easily, there are other ways 5G networks can be compromised. Side-channel attacks are positioned as a significant threat. Side-channel attacks are implemented by exploiting the underlying infrastructure supporting the network (figure 4).

This attack method was historically difficult to execute. Today, it is becoming more common due to technology advancements, which have afforded malicious actors a deeper understanding of targeted systems. It is reasonably achievable for a bad actor to find a misconfiguration in a cloud computing environment. They can then subvert a virtual machine or container, rather than attacking a 5G protocol directly.

Lack of Visibility and Security Controls

5G networks require all the visibility and security controls of a traditional Wi-Fi network. Established security technologies are being introduced into private 5G networks for the same level of visibility and control the world expects from enterprise networks. Fortunately, these are problems the network security industry is highly experienced with solving.

Increased Attack Surface

Telco networks have never been built on cloud infrastructure using application-level technologies until the entry of 5G. Today, 5G networks are being built upon technologies not unlike the architecture one might find beneath popular consumer services, such as Netflix, for example. The consequence is a much larger attack surface. As networks become more open, flexible and equipped to support modern applications, they also become more vulnerable.

Connected Devices

5G technologies enable greater capacity for billions of devices, which certainly opens the door for innovation and new capabilities. However, without reliable controls in place, bad actors can use encrypted channels across networks, not to mention encrypted malware.

Consider a private 5G environment in an enterprise. If a 5G environment is being used to supplant a Wi-Fi network, the network itself is likely encrypted. However, it doesn't necessarily prevent malicious endpoints from joining it. Thus, if a network device is compromised with a network layer exploit, bad actors could gain unauthorized access to the 5G network.

5G Security FAQs