5G is more than radio access technology. It’s a new architecture with much greater agility in all areas. The capacity, latency, agility, reliability and speeds offered by this technology make it applicable to communication service providers and all verticals. The future vision of 5G and IoT isn’t just about connecting individual devices; it is an enabling technology of the 4th industrial revolution that will bring about societal change.
5G will support several critical use cases, from industrial automation and public safety services to utilities or connected cars. The understanding of critical infrastructure has evolved in recent years to encompass government networks and data centers, the infrastructure used by providers of basic goods and services such as energy, power, raw materials, pathways railways, airports, telecommunications, banks, Internet exchanges, water services. , and hospitals. And finally, essential infrastructure for companies with high added value or of key strategic importance for the country’s economy.
Experts from stc and Nokia have joined forces and wrote an article aimed at raising security awareness in the telecom industry, providing insight into the implications of 5G security, and demystifying some of the common topics surrounding the topic.
Saudi Arabia is at the forefront of adopting 5G technology with coverage planned for almost the entire Kingdom, paving the way for one of the world’s leading digital economies.
“Stc’s 5G deployments have been carefully designed with security at heart, with the aim of enabling Saudi Arabia’s national digital transformation through a secure infrastructure, without which no digital economy can survive in today’s cyber reality. We believe that enriching the industry with what we have learned is vital for the cybersecurity knowledge library, ”said Eng. Yasser N. Alswailem, vice president of cybersecurity at stc.
“Active cooperation between the stakeholders involved is vital at national, regional and international levels to implement a resilient and secure digital infrastructure. Our collaboration with stc on this important topic has given us the opportunity to share together our respective perspectives on the implications of 5G security regarding the assets that need to be protected, the threats and risks we need to protect against, and above all, the most common mitigation measures. measures to minimize these risks, ”said Khalid Hussain, country director and head of the stc business group at Nokia.
What’s at stake?
Any network security event can have massive implications, especially in 5G due to a wider range of use cases including critical and public safety services. Imagine a production shutdown in a smart factory due to a network problem or malware bringing the autonomous vehicle to a halt. Adopting measures to protect the network should be part of the network architecture and design.
From loss of availability of communication services, leakage of confidential user information to loss of network integrity are some of the impacts of security incidents in any network.
Loss of integrity is the third high level information security threat. It compromises the integrity of the network and can be used for data leaks or misuse of confidential information and even impact the availability of network services.
High-level attack vectors can damage the network in several ways. Radio interface jamming or flooding attacks, denial of service (DoS) attack types, and exploitation of flaws in network design, implementation or configuration are common avenues of attack. network.
Malicious elements can also create and exploit a backdoor within a network. Any flaw or gap in the operational procedure can also increase the vulnerability of the network. It is crucial to remember that while these methods can be used to attack any type of network, the damage from such attacks on the 5G network is much more severe.
What do we need to protect?
Ensuring the security of 5G requires a fundamentally different approach. 5G networks are complex, combining both physical and virtual infrastructures. Additionally, tighter integration of telecom and IT infrastructure, services and operations into a 5G network requires a holistic view of 5G security like never before.
Many traditional 4G network elements are being replaced in 5G by virtual network functions (VNF) and cloud architectures. 5G provides the entire network as a service (NaaS), which is enabled by service-oriented architecture, VNFs, cloud core and dynamic network orchestration / slicing. The elements of the 5G network must therefore be protected against security incidents at the level of the physical and logical layers.
It should be understood that the criticality of networks and specific network elements must be assessed on the basis of (potentially disrupted) applications supported by these networks. Even a short connectivity outage in a limited geographic area or impacting the latency requirements for a critical service could have lethal consequences (think disruptions to connected car services). As such, uninterrupted access to connectivity becomes as crucial as access to electricity.
Besides infrastructure, it should be noted that any compromise of management systems can also potentially have a massive impact on the entire network. By controlling management systems, attackers with the appropriate privileges can shut down the network or gain access to sensitive data.
“It is extremely important to be aware of cybersecurity risks and to take all appropriate measures to minimize these risks by relying on standardized security features and additional solutions available in the market,” said the eng. Ing. Alswailem from stc.
More generally and depending on the overall network architecture, a combination of three different scenarios and mitigation frameworks is required. The first is a 3GPP specified security architecture that includes an access independent authentication framework and enhanced protection of subscription and user plane privacy, among other features.
In the second category of network security not specified by 3GPP, it is imperative to adopt a holistic and automated approach to security management and orchestration. Finally, a robust implementation of the virtualization layer and the overall software of the cloud platform, among other measures, will help improve the security of the 5G network.
Operators and providers in the mobile network industry have defined the Security Assurance Methodology (SECAM) in the organization of 3GPP standards. On this basis, NESAS was developed within the GSMA. Some national cybersecurity authorities are also involved in the process. NESAS is the most suitable global security assurance system, and its adoption brings benefits to operators through reduced bidding efforts with security by default and measurable security.
NESAS also brings uniform security requirements for network equipment vendors and a demonstration of their commitment to secure product development and maintenance. Finally, governments benefit from a developed program, supported by industry, introducing basic cybersecurity “hygiene”.
“Globally or at least regionally accepted certification systems are preferred. This will promote innovation and reduce overhead costs. The GSMA NESAS (Network Equipment Security Assurance Scheme) is a promising program that has the potential to become one of those global certification programs using 3GPP standards, ”said Brahim Ghribi, Head of Government and Policy Affairs for the MEA region. at Nokia.
As we embark on our global journey in Industry 4.0, 5G is the key enabling technology for the future, and along with cloud, AI and robotics, it will interconnect the physical, virtual worlds. and organic. These are exciting times, and with that opportunity ahead of us, we need to make sure we can keep pace (literally) and reap the full benefits of 5G, he added.
Network paradigms are evolving and the heterogeneous architecture of the 5G network will include multiple access and infrastructure technologies (physical and virtual) that will require special attention from a cybersecurity perspective.