Press Releases

Securing the future: Navigating the risks and benefits of private 5G

March 23, 2023

Posted by: Shriya Raban

Udo Schneider of Trend Micro

Private 5G networks are all the rage. At Mobile World Congress last month, IBM and Nokia joined hands to kick off the development of a “seamless, simplified private” 5G managed service offering, while Cisco and NTT announced a collaboration to bring their private 5G services to enterprise customers in selected sectors, says Udo Schneider, IoT security evangelist, Trend Micro.

Unlike earlier technologies, private 5G networks sometimes referred to as campus networks or non-public networks (NPNs) were designed from the outset to enable efficient communication between devices. They offer numerous advantages, including high bandwidth, fast speed, low latency, enhanced privacy (due to their “on-premise” components) and greater scalability, to enable deployment scenarios where radio-based technologies simply could not be used before.

But while organisations power ahead with their 5G initiatives, they must be cautious not to repeat the hard lessons from the past 25 years. Cybersecurity should not be an afterthought for private 5G, but an integral pillar in every business models.

Unlocking new opportunities

While private 5G networks can improve the return on investment (ROI) of many existing use cases for radio technologies today, they can also unlock other uses cases that were simply not possible before.

For example, time sensitive network connectivity has traditionally been a stronghold of cable-based networks. Now, with 5G and its improved latency across all layers, many new deployments of industrial control infrastructure are seriously considering a 5G model instead. The increased cost for private 5G is easily offset by the savings in physical cabling, and you’ll gain more flexibility “for free”. The scaled up support for devices and covered area also benefits smart city developments. Instead of requiring a whole host of access technologies for different classes of devices, 5G would enable coherent connectivity across a diverse range of previously disparate devices and technologies such as smart cars, autonomous vehicles (public transport, drones), intelligent traffic systems and utilities, and more.

In healthcare, streamlined remote monitoring devices simplify processes and improve patient care. Additionally, remote operating theatres require low latency and high bandwidth, which were previously unavailable, especially in remote or crisis hit areas.

Understanding deployment models

Use cases aside, there is still relatively limited awareness about how core and radio access networks function. This is because, for public mobile networks, telecom operators construct and manage both the core and radio access networks. With the emergence of private 5G, this is set to change significantly. In fact, there are several ways to run a private 5G network, including:

5G security concerns

Contrary to popular belief, private 5G networks are not automatically immune to attack. Unfortunately, the secure operation of 5G equipment requires experience and technologies that are typically not available to those responsible for IT or OT combining telecoms sector knowledge (CT – Communication Technology) with their existing OT and IT knowledge. This also applies to situations where the 5G network is operated by a telecom operator, either autonomously or as a network slice.

An end-to-end security approach to enterprise 5G extends from the core network to Multiaccess Edge Computing (MEC), RAN, and user experience.

Core network security: The process of virtualisation, one of the core technologies for deploying and operating 5G core networks, can make them more vulnerable to IT attacks. This is because 5G typically uses Commercial Off The Shelf (COTS) server hardware, for example, Open Compute Project (OCP) based servers and Linux software, all of which are vulnerable to IT attacks such as Spectre, Meltdown and those on BMC modules.

MEC security: MEC involves moving virtualised processing functions to the edge of the radio network, which can leave them vulnerable to traditional VM or container attacks. On the other hand, combined with applications on the SIMs (physical or eSIM), MEC solutions can ensure confidentiality and integrity of communications regardless of the mobile device.

RAN security: RAN security requires solid vulnerability management, especially for open RAN approaches, which are gaining ground for 5G deployments and rely on well-known virtualisation and operating platforms that can contain vulnerabilities.

APNs & base stations : Still often used in today’s 4G/5G networks, APNs do not provide real network separation and the use of VPNs is highly recommended5G Network slicing however does provide real separation. Meanwhile, with some core networks using cleartext or failing the check certificates well, base stations can be vulnerable to man-in-the-middle (MitM) attacks, and critical patches may require downtime planning.

User equipment: 5G user equipment, which could include autonomous industrial trucks, robots, drones, as well as regular handsets, is all prone to attacks such as SIM swapping. A SIM card can be stolen from a device and installed in the attackers to give them access to the campus network, which they can then scan for vulnerabilities, or use to attack other devices.

A new playground for cybercriminals

Per the above, the shift from traditional telecom technologies towards standards-based COTS infrastructure, combined with well-known IT technologies like virtualisation and software-defined networking all increase the attack surface of 5G networks. That said, the number of large scale attacks on private 5G environments still remains low.

However, this is not due to 5G environments being inherently more secure. From the perspective of cybercriminals, attacking 5G is currently not lucrative enough to justify the investment, particularly when compared to other approaches such as ransomware attacks on supply chains.

Nevertheless, past experiences have taught us that cybercriminals are constantly evolving their business. With 5G becoming a critical component of numerous new use cases, it is likely that cybercriminals will develop attack and business models targeting those scenarios. For customers whose entire value chain is reliant on a functioning 5G infrastructure, for example, their willingness to pay ransom will be particularly high. Therefore, it is a matter of when cybercriminals will start targeting 5G, rather than if.

Securing the network

5G networks are being used by more and more organisations to meet the demands of today’s world. However, this has significant security implications. The lines between IT, OT and CT security responsibilities are blurring, maintenance costs are rising, and IT/OT staff must equip themselves with telecoms skills to secure the network.

Secure practices and measures remain key to protecting the 5G network. Here are some that organisations can implement to strengthen their security:

The author is Udo Schneider, IoT security evangelist, Trend Micro.

Comment on this article below or via Twitter @IoTGN