The fifth-generation, or 5G, mobile network has changed how people and devices connect, providing faster data speeds, low latency, greater reliability, increased network capacity, enhanced availability, and better user experiences. As with any new technology, however, 5G deployment brings new security challenges, particularly network security risks. By understanding the cybersecurity challenges associated with 5G implementation, organizations can effectively optimize their investments and secure their data.
5G implementations offer malicious actors a new way to infiltrate organizations’ systems, networks, and applications. According to the Cybersecurity and Infrastructure Security Agency (CISA), 5G deployments face six distinct security risks that organizations should be aware of.
1. Influencing design and architecture
As organizations and municipalities build out their local 5G networks, they add more Information and Communications Technology (ICT) components to their infrastructure. Many of these components may not have enterprise grade security and come with vulnerabilities that can be readily exploited. More creative threat actors may even attempt to market compromised 5G components with built-in vulnerabilities, hoping to attract unsuspecting organizations with low cost options for their 5G local network deployment.
2. Supply chain zero-day attacks
Even if threat actors fail to place vulnerabilities into the ICT components, they may look to infiltrate 5G networks via the supply chain. For example, if a trusted 5G ICT component manufacturer has poor DevOps processes, there’s a high likelihood that vulnerabilities may go undetected before commercial release. These potential zero-day vulnerabilities can lead to widespread disruption.
3. Legacy technologies
5G wireless networks are built on a foundation of legacy technologies, like 4G LTE networks. Therefore, 5G networks are exposed to the same known vulnerabilities from these legacy hardware and software tools. To date, it is not clear how the integration of 5G into the 4G technology stack will impact the new deployments’ overarching security posture. Note, we’re really speaking about a 5G network ecosystem that spans wireless and wireline networks.
4. Increased attack surface
Since 5G networks require more components, they increase the number of access points and network edges, ultimately increasing the attack surface. At the least, the infrastructure likely incorporates cellular towers, beamforming, small cells, and mobile devices. These factors will increase the digital attack surface, as well as expose the organization to new risks because many of these devices may lack physical security features. For example, a small cell located on a tree in an urban area may be at increased risk of physical exploitation.
Misconfiguration is a perennial challenge for IT teams and its only going to get harder with the advent of 5G networks. Technologies, controls and configurations are all perishable. To be effective we need to ensure proper configuration across platforms and domains.
6. Difficulty updating and repairing custom technologies
To maintain the interoperability necessary to optimize 5G deployments, custom equipment may become a security and availability risk. Customization stymies speed and scale as such equipment may not be easily maintained - making vulnerability management more difficult while also exposing more risks.
Architecting a secure 5G network requires organizations to undertake innovative, end-to-end approaches. This includes adopting a fabric-based security strategy by building a broad-based, tightly integrated program leveraging artificial intelligence and automation. Other steps include:
5G services and technologies will change attack surfaces, vectors, and methodologies, impacting an organization’s overall risk and security posture. Additionally, organizations need to consider where their Mobile Network Operator’s (MNO’s) responsibility ends and starts.
Four possible models exist, and each one brings its own security responsibilities and challenges:
1. MNO-Independent: Private 5G network with no connection to the public internet.
2. MNO-Dependent (RAN): The Radio Access Network (RAN) is sliced, ensuring private traffic remains within the enterprise and public traffic moves to the public network.
3. MNO-Dependent (RAN and CP): Control Plane (CP) and RAN sharing with the MNO controlling and centralizing signaling and user data management.
4. MNO-Dependent (full sharing): Only RAN is present at the enterprise site, with all other 5G components on the MNO public network.
Similar to the shared security model in cloud computing, organizations need to make sure that they understand how their deployment choices impact their security responsibilities.
Network slicing enables the creation traffic-based customizations by dividing single network connections into multiple virtual connections – optimizing the allocation of network resources. As organizations build out their 5G strategies, they need to consider the following elements:
● Connected devices: Internet of Things (IoT) devices are more vulnerable and require enhanced security.
● Applications: Authentication, access, and firewall policies may be different based on application criticality.
● Network function virtualization: Coordinate and manage applications, user demands, and networks for efficient allocation according to operational and security needs.
Zero trust is a strategy based on the assumption that any user or device accessing the network is a risk. For a robust zero trust architecture, organizations should consider the two complementary models:
1. Zero Trust Access (ZTA): All users and devices must provide appropriate authentication before gaining access to networks, and all access should be set according to the principle of least privilege.
2. Zero Trust Network Access (ZTNA): All users and devices must appropriately be authenticated before being granted access to any application, and all access should be set according to the principle of least privilege.
The primary difference between ZTA and ZTNA lies in the access point at which users and devices must authenticate. Under ZTA, the access point is the network itself. Under ZTNA, users and devices may be able to access the network, but an additional authentication layer is placed in front of the application.
5G networks unlock tremendous benefits in productivity, innovation, and agility. Its adoption is being fueled by the permanent shift to hybrid work models and a myriad digitial transformation solutions – from edge computing to autonomous and automated manufacturing. However, with these benefits comes the potential for additional risks and challenges. With that in mind, organizations need to consider security implications upfront, rather than as an afterthought. With tightly integrated, broad-based plans, they can create a fabric-based security approach that future-proofs their technology investments.
Learn more about how the Fortinet Security Fabric protects 5G ecosystems.