Aug 11 2022
Security

Learn the Requirements for Cybersecurity in a 5G Environment

Legacy IT may hinder the extra security built into the new network.

Along with the promise to completely transform the digital landscape, 5G — the fifth-generation standard for broadband cellular networks — will bring changes to cybersecurity practices and protection as well.

5G download speeds are expected to be 100 times faster than currently possible with 4G. Higher bandwidth will allow more devices to be connected (an estimated 29 billion by 2030, up from 8.6 billion in 2019). New applications will be possible, especially in Internet of Things and machine-to-machine areas.

Key areas where 5G will shine are smart city infrastructure and traffic management, as well as extended reality (including virtual, augmented and mixed reality), which may have broad implications for the military, transportation and other sectors.

5G brings an additional important benefit: It is designed to be much more secure than previous generations. Its resilience in the face of cyberattacks is based on the isolation of certain network functions from others.

Click the banner below to learn about federal IT solutions.

Built-In 5G Security Functions Will Need a Second Look

Among those functions, communications security protects against eavesdropping and modification attacks by encrypting traffic moving from device to cell tower. Identification and authentication of subscribers and Internet of Things (IoT) devices ensures only legitimate users can access the network.

Privacy comes from encryption of all data traffic, including phone calls, internet traffic and text messages, after mutual authentication on both ends of the communication. Security assurance is based on using network equipment that meets security standards and is implemented properly.

Still, despite built-in security features, several security issues must be tackled.

First, the initial wave of 5G networks will be built on previous generations of wireless networks and existing legacy infrastructure; these components may be untrusted or contain known vulnerabilities that can be exploited.

Second, some untrusted vendors may enter the race to bring 5G solutions to market early. Likewise, some solutions may be built without proper attention to security or may incorporate faults.

DIVE DEEPER: How the DOD works to attract more companies and workers to the 5G space.

5G Requires New Protections for Expanded Security Parameters

Third, cybercriminals may try to install a back door into the core network to allow data to be intercepted and redirected. Improper deployment, configuration or management could also make the network vulnerable to disruption and manipulation. And because 5G dramatically extends the security landscape to the edge, new protections are needed between the infrastructure and the people and devices that use 5G.

Fourth, network slicing, a key aspect of 5G, splits the physical infrastructure into multiple virtual networks so operators can use the same network for different use cases. Each network slice may need specific security capabilities and require isolation to stop the spread of distributed denial of service attacks and other attacks.

Finally, the attack surface will definitely increase, creating a target-rich environment due to the number of devices and the amounts of data they communicate. Because IoT devices are inherently insecure, each additional device on the network increases the risk that the communications infrastructure could be exposed to bad actors.

Click the banner below to become an Insider.

How Can Agencies Prepare for Secure 5G?

The first step toward secure 5G is to work backward. Remember, first-generation 5G will be built on 4G or even earlier networks with known vulnerabilities.

Your to-do list should start with these items:

  • Upgrade IoT and DNS security and URL filtering quickly.
  • Update operating systems and firmware on IoT devices when notified, and patch known critical vulnerabilities.
  • Ensure that multifactor authentication and encryption are in place across all devices.

In addition, make sure new devices are built with all necessary security capabilities, including encryption of data at rest and in transit, at each point in the network and with full control over lifecycle encryption keys. Steer clear of those with proprietary interfaces.

When it comes to implementing 5G security technology, insist on full visibility and control; encrypted traffic could contain malware or obfuscate exfiltration of sensitive data. A 5G-ready, next-generation firewall can provide deep visibility into — and granular control over — all layers in the network, along with automatic threat correlation and rapid response.

Implement endpoint and cloud protection based on zero trust to ensure everything that tries to connect to the network is verified before being granted access. Use AI-based solutions to track edge device behavior so you can monitor and react to anomalies.

Use end-to-end protection solutions to identify and block vulnerability exploitation, malicious content and suspicious behavior.

LEARN MORE: How federal agencies are leveraging 5G to Expand network capabilities.

Broader Industry Cooperation Is Needed for Full 5G Threat Protection

Some of the problems outlined above can only be addressed through broader cooperation, and help is on the way at both the national and the international level.

In 2020, the White House released the National Strategy to Secure 5G, accompanied by an implementation plan in 2021. The plan outlines efforts to facilitate the domestic rollout of 5G, assess the risks to the U.S. during development and deployment, and promotes responsible global 5G development globally.

The Cybersecurity and Infrastructure Security Agency is leading these risk management efforts related to 5G and is developing five strategic initiatives:

  • Standards development to ensure threat actors cannot maliciously influence the design and architecture of 5G networks
  • Situational analysis of risk to prevent or mitigate malicious or inadvertent vulnerabilities within the 5G supply chain
  • Stakeholder engagement for secure 5G development without legacy vulnerabilities and untrusted components
  • Innovation that increases the number of trusted vendors and addresses the risk of limited competition and proprietary solutions
  • Use case analysis to understand and manage new vulnerabilities introduced by 5G technology deployments

Additional efforts are in the works. The Defense Advanced Research Projects Agency’s open-source hardware movement is crowdsourcing vulnerability patching and working on protocol design and verification for next-generation chips. And GSMA, an industry association of mobile operators, has released a series of reference documents detailing best practices in 5G network security.

As 5G matures, we can expect to see additional assistance from public and private sector groups working in collaboration, guiding efforts to protect against known and emerging threats to 5G networks.

Getty Images/Primeimages (antennas); SeventyFour (men)
Close

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.