5G SA increases attack vectors say ABI Research and LightCounting analysts

En garde! Analysts warned during this week's Silverlinings Cloud-Native 5G Summit that standalone (SA) 5G expands the attack surface for the would-be “network of networks.”

Speaking at the session “Security Problems and Solutions,” ABI Research's Senior Research Director Michela Menting and LightCounting’s Chief Analyst Stéphane Teral discussed some of the issues that loom as cloud-native 5G SA networks become ever more prevalent.

Bringing together the network wonks and the software geeks creates new challenges for both teams, Menting explained.

“There is a learning curve for mobile network operators and network equipment providers to expand their knowledge in a software-based architecture and cloud native functions, and understand the threats and vulnerabilities that it brings,” she said.

“On the other hand, there’s a learning curve for security and software providers coming from the IT space to understand how 5G works, how the core works and how they can adapt their solutions to that new ecosystem,” she continued.

For example, the analyst said, using certificate management for network functions to provide identity, access control, communication security and more. The players need a total understanding of network functions to provide full automation and the ability to hide it.

“We’ll see the need to adapt from kind of both sides of the party,” Menting said.

LightCounting’s Teral, meanwhile, highlighted the thousands of new strands of code from APIs, as well as countless novel IoT devices, that will arrive as operators slowly but surely move to 5G SA networks. Noting that most of the massive automated IoT deployments are currently taking place in China, Teral warned that APIs and automated endpoints represent “new hacking opportunities.”

“As platforms become more widely used, they tend to attract more threat actors,” Menting added.

Of course, 5G is designed to enable broader use. With massive machine-type communications (mMTC) — where the 5G SA network can support a million devices or sensors in a square kilometer (rather than the maximum 4,000 that 4G LTE could support) — you could have hundreds of thousands of devices deployed in a private 5G network across many different sites across the globe, she noted, adding, “For an attacker, that’s a lucrative target."

Slicing security

In addition, network slicing broadens the risk panorama even further, the analysts said. 

Menting explained that the particular threat from slicing is that it cuts across all the various elements of the network, from the radio access network (RAN) to the core. Maybe you’re mixing different cloud providers, or infrastructures for it, as well. She said that the 3GPP has put in a lot of very good security features and requirements in the standard, meaning that as long as a company or operator has implemented these, the threat will likely come from organized crime or state actors, rather than a common hacker. 

Still, Menting said, it's important to do the risk assessment beforehand and understand that there will be unknowns. “Prepare to have the bandwidth to deal with it and not be surprised by it,” she said.

Teral noted that there are very few active network slices in the world right now. “As more end-to-end slices are deployed, the number of attack vectors is going to increase,” the analyst said.

He added that self-driving cars, among other things, could become targets on a virtual slice in the future. “These cars will potentially use a slice on the 5G network. This is a mission critical type of application that needs to be really taken care of with the right security features so, you know, nothing goes wrong,” Teral said.


Want to know more about cloud-native 5G and security? Watch the Cloud-Native 5G Summit on-demand today.