Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label 5G Network. Show all posts

NSA, CISA Concerns Over Security Risks Against 5G Network Slicing


The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidelines regarding cybersecurity threats pertaining to 5G network slicing. 

The document illustrates how a network slice is “an end-to-end logical network that provides specific network capabilities and characteristics to fit a user’s needs.” 

While numerous network slices operate on a single physical network, the guidelines clarify that each network slice user is only authenticated for one specific network region, allowing for data and security isolation. 

“This type of architecture heavily relies on a Network-as-a-Service (NaaS) model, combining Infrastructure-as-a-Service with network and security services, which enhances the operational efficiency and resiliency of the 5G infrastructure […] Within a 5G architecture, the plan is to deliver the whole NaaS so that different customer segments can be efficiently supported,” reads the guideline.

According to the report, "network slicing enables operators to incorporate various network characteristics or components, possibly from different operators, to offer particular applications or services for 5G consumers. Although effective for delivering services, 5G network slicing throws a wide net of threats, including possible weak points in standards and regulations, the supply chain, and other areas."

"Although network slicing is not solely unique to 5G, it is a critical component because 5G specifications call for network slicing as a fundamental component and therefore require network operators to adopt security practices that can mitigate threats like those described in this paper, DoS, MitM attacks, and configuration attacks," the report states. 

Due to these cyber threats, the NSA and CISA have stated that maintaining and monitoring a network slice is essential for identifying and thwarting cyberattacks. 

“For more robust security, network operators should consider techniques, as referenced in this paper, such as zero trust, multi-layer security, cross-domain solutions, post-quantum cryptography, and isolation,” both agencies concluded. 

The NSA, along with CISA, has appointed members and experts from public and private sectors in order to address security concerns pertaining to 5G slicing. This resulting 5G network slicing cybersecurity report looks forward to its architecture, how it will aid in emerging technologies, such as autonomous vehicles, and guidelines on how to secure it.  

5G Security Vulnerabilities Concern Mobile Operators

 

As 5G private networks become more widely available in the next years, security may become a major concern for businesses. According to a report presented at the Mobile World Congress on Monday, significant gaps in mobile operators' security capabilities still prevail. 

According to the GSMA and Trend Micro report, 68 percent of carriers already sell private wireless networks to enterprise customers, with the rest expecting to do so by 2025. However, these may not be ready for prime time in terms of security: For example, 41% of surveyed operators claimed they are having difficulty addressing vulnerabilities connected to 5G network virtualization. 

In addition, 48% of them indicated they don't have adequate internal knowledge or resources to find and fix security flaws at all. For 39 percent of surveyed operators, a restricted pool of mobile-network security professionals is a contributing cause to the problem. 

5G Networks: Diverse Architecture, Diverse Risks 

As 5G networks are essentially software-defined and virtualized, they are a significant change from previous wireless networks. In 5G, network operations that were previously defined in hardware are transformed into virtual software capabilities that are orchestrated by a flexible software control plane. In 5G, even the radio access network (RAN) air interfaces are software-defined. The concern is that this opens the door for a slew of new exploitable flaws to appear throughout the architecture, in places where they have never been exposed before. 

William Malik, vice president of infrastructure strategies at Trend Micro, told Threatpost, “Because so much of the environment is virtualized, there will be a lot of software creating images and tearing them down – the volume of virtualization is unlike anything we have experienced so far. The risk there is that we do not know how well the software will perform under such huge loads. Every experience with distributed software under load suggests that things will fail, services will drop and any vulnerability will be wide open for exploitation.” 

“Think about the traffic at a major port – much of the work is not done by individuals but by application software coordinated by scheduling and orchestration software. If you can take this over, you can dump containers into Long Beach Harbor, or ship 2,000 pounds of Cream O’ Wheat to your neighbor. In the port of Amsterdam, the bad guys took over the scheduling software and actually had containers full of guns, drugs, and in some cases, criminals delivered without inspection into the port then smuggled onwards throughout Europe,” he added.

Moreover, rather than transmitting all data to the cloud for processing, 5G employs multi-access edge computing (MEC), which implies that data created by endpoints is analyzed, processed, and stored at the network edge. Collecting and processing data closer to the client decreases latency and gives high-bandwidth apps real-time performance, but it also creates a new footprint to secure, with new data pools distributed over the network. 

Malik added further, “We’re focusing on corporate 5G implementations, generally called NPN – non-public networks. In these environments the 5G signal is restricted to a specific area – a port, a distribution center, a manufacturing facility – so we don’t have random devices connecting, and every application and device can be authenticated (note that this is not an architectural requirement but it is a really good idea). Even with that, the 5G network will be a very efficient way to move data around the site, so if malware gets into something, it will spread fast.” 

According to the survey, MEC is a crucial part of half (51%) of the operators' plan for serving enterprises' private network demands in the next two years. Only 18% of the operators polled that they provide security for both the edge and endpoints. 

Best Practices for 5G Private Network Security:

“The bad guys will try to take over the 5G network by either sneaking some rogue software into the mix, using a supply-chain attack like SolarWinds; or sneaking past authentication to launch their own processes that can crypto mine (steal resources), exfiltrate data, or initiate a ransomware attack,” Malik predicted. 

Even though security skills are currently lacking, nearly half of the operators polled (45%) believe it is essential to invest in security to meet their long-term enterprise revenue targets – compared to only 22% in 2020. 

Due to COVID-19, 44 percent of operators have observed a spike in demand for security services from their enterprise clients, and 77 percent of operators see security as major income potential, with 20 percent of 5G revenue expected to come from security add-on services. 

The 3GPP, which is in charge of wireless network specifications, has included various security features in the 5G specification. 

According to Malik, certain security practices must be implemented: 

-employ technologies to detect activities that are malfunctioning like a process that starts encrypting everything it can touch. 

-take frequent backups and double-check that they are valid to aid recovery from an assault. 

-purchase technology from reputable sources and make use of reliable integrators to hook things up. 

Malik told Threatpost, “Best practices for securing these NPN environments would include authenticating everything and everyone – that’s the idea behind zero trust. You have to prove you are who you say you are before you can do anything on the network.” 

Moscow has completed a large-scale study on the security of 5G

The press service of the Moscow Department of Information Technologies informs that the specialists of the Scientific-Research Institute of Metallurgical Heat Engineering (VNIIMT) completed research work on the security of mobile communications of all standards, including 5G.

Scientists have determined that the levels of the electromagnetic field created by mobile communication base stations of all standards, including the fifth generation, are safe for human health. 

For a year and a half, specialists conducted street measurements of electromagnetic field levels day and night in six residential districts of the capital, where 2G-4G communication standards are presented, as well as 5G in pilot zones. Laboratory measurements were carried out in full compliance with Russian and international standards and methods.

Scientists have determined the safe level of the electromagnetic field in the prospective use of 5G standard base stations, including in millimeter frequencies such as 28 GHz and 37 GHz. In addition, the staff also analyzed the international practice of applying sanitary norms, safety standards, and recommendations.

"Like many progressive cities, Moscow strives to develop a modern communication infrastructure. At the same time, the well-being of the residents of the capital remains a priority for us. On the eve of the commercial introduction of fifth-generation networks, we wanted to get scientifically based data and be sure that 5G is safe," said Alexander Gorbatko, deputy head of the Information Technology Department. 

He added that in February 2019, the department initiated fundamental research work, which gave a final answer to the question of the security of 5G networks. 

"As for the current sanitary norm in Russia of 10 µW/cm2, which is one of the strictest in Europe: measurements and laboratory studies have shown that even with its increase, the level of the electromagnetic field will still remain at a safe level for humans," said Sergey Perov, the Doctor of Biological Sciences, head of the Laboratory of electromagnetic fields of the VNIIMT.

The results of the study were sent to the Ministry of Health of the Russian Federation and to the Federal Service for Surveillance on Consumer Rights Protection and Human Wellbeing (Rospotrebnadzor) for final decisions.

It is worth noting that in Russia, investments for the development of 5G in 2021-2027 may amount to about 1 trillion rubles ($13.6 million).

5G is the fifth generation of mobile communications, operating on the basis of telecommunications standards following the existing 4G standards. Now the fifth-generation networks are already deployed in South Korea, China, the United States, and a number of European countries.

5G network may appear in St. Petersburg by 2022


The representative of the Russian President on digital and technological development Dmitry Peskov said that in two years 5G mobile network could be launched in St. Petersburg. According to him, it will be certified at the World Radiocommunication Conference in the near future.

Mobile operators MTS and MegaFon have already received permission to create a test zone for testing 5G. Tests are planned to be carried out at frequencies in the range of 2.5-2.7 GHz.

Earlier, the Ministry of Defense, the FSB and the Federal Security Service opposed 5G, saying that this resource is used by government services and its transfer to civilian means of communication is inappropriate for security and defense reasons. To date, negotiations are underway to provide organizations with the necessary frequencies that belong to the special services.

In addition, representatives of MTS and MegaFon do not see an urgent need to launch fifth-generation communications, as the technology is expensive. In the near future, 5G technology will not be able to be used by residents of the whole country, but only of certain territories, since its technical maintenance is more complicated than LTE networks.

It is interesting to note that the first operator interested in new generation technology is MegaFon. In 2014, the company signed an agreement with Huawei on the creation of 5G test networks. For example, the operator will begin to test the operation of telemedicine services in medical institutions with the help of a new generation of mobile communications in Moscow from 2019. In addition, 5G speed record belongs to MegaFon. In June, the operator managed to achieve network data transfer at a speed of 35 gigabits per second. The tests were carried out in the laboratory on Huawei equipment.

It should be noted that 5G technologies are designed for higher bandwidth compared to 4G. New network will allow subscribers to connect with each other directly, and the speed of mobile Internet will grow to 1-2 Gbit / s. At the moment, the fifth generation networks are already deployed in several major US cities. Switzerland is actively implementing 5G in Europe. South Korea became the first country in the world to launch commercial services of the newest network in the spring of this year.

How 5G Network would Change the IoT and the Challenges Ahead



Extremely fast and effective, 5G mobile networks would increase the exposure to attacks as every internet of things (IoT) when connected to fifth-generation technology can potentially become a tempting target for attackers and cybercriminals.

The efficiency would allow for improved interconnectivity and greater control over devices and machines ranging from automobiles to traffic lights and everything in between which have internet-connected sensors embedded in it. The number of such items is reported to rise from 14.2bn to 25bn by 2021, according to global research and advisory firm, Gartner.

Major home appliance company, Whirlpool is all set to have one its factories run on 5G technology. The factory puts to use a lot of metal and as 5G penetrate through walls and doesn't reflect off metal unlike Wi-Fi, Douglas Barnes, Whirlpool's North American regional IT and OT manufacturing infrastructure applications manager, says, "This will allow us to go to truly autonomous vehicles throughout the entire plant, for maintenance, for delivery, for everything that supports the manufacturing operations. That business case carries so much weight and so much in cost savings. The payback for 5G is very favorable."

With encryption of data becoming more secure than ever, 5G technology will massively change the way users communicate over the internet, browse, watch videos and play games. However, the increased speed and effectiveness, low latency, high Gbps data transfer rates, and greater capacity also accompany more security challenges as compared to the current mobile networks. It would mean that threat actors while breaching a machine running on a 5G network, will be able to download and hence steal the data much faster than the current networks allow. It would also make it easier for criminals to execute bigger cyber attacks by utilizing the increased engagement of software required to smoothly run 5G technology.

Did hackers exploit IoT before?

Earlier in 2016, in the "Mirai botnet" cyber attack, where hackers took advantage of vulnerable IoT devices to take down major websites including Reddit, Twitter, Spotify and left much of the internet inaccessible, the incident witnessed the involvement of a large number of routers, cameras, and video recorders to take down a large chunk of the internet for the Eastern coast.

Commenting on the matter, Cesar Cerrudo, chief technology officer at IOActive, a cybersecurity consultancy, said, "I think 5G will be a more tempting target for nation-state actors than . . . hackers, as 5G will be a core communication technology for most countries,” 

US Pressures Its Allies against the Usage of Chinese Firm Huawei’s Technology; Suspects the Products to Spy on Other Countries




The US pressures its allies to not utilize Chinese firm Huawei's innovation to assemble the new 5G networks as its authorities are worried that China could be utilizing the Huawei products to spy on different nations.

"It's a hugely complex strategic challenge," said GCHQ chief Jeremy Fleming, all the while giving accentuation on the requirement for better cyber-security practices in the telecoms industry. In spite of the fact that the National Cyber Security Centre - some part of GCHQ - said a few weeks earlier that any hazard presented by the company could be overseen.

The vast majority of the UK's mobile companies, for instance Vodafone, EE and Three are known to have been working with Huawei on 5G, yet as of now they are anticipating the results of a government review, due in March or April, that will further choose to decide whether or not they'll be permitted to proceed with it.

An on-going report from the Royal United Services Institute said it would be "naive" and "irresponsible" to permit Huawei the access.

 “We have to understand the opportunities and threats from China's technological offer - understand the global nature of supply chains and service provision, irrespective of the flag of the supplier. Take a clear view on the implications of China's technological acquisition strategy in the West, and help our governments decide which parts of this expansion can be embraced, which need risk management, and which will always need a sovereign, or allied, solution." Said Fleming in his speech at an event in Singapore.

Focusing on the requirement for more grounded cyber-security over the telecoms sector, Fleming stated: "Vulnerabilities can and will be exploited. But networks should be designed in a way that cauterises the damage."

Since 5G is critical to the UK government therefore in order to guarantee that Britain stays competitive as a country, as per Gartner senior research director Sylvain Fabre, “They are reviewing the situation, in a way that hasn't been done in the past, but it sounds like all options are still on the table," he told the BBC.

Meanwhile the US is seeking after criminal allegations against Huawei and its CFO, Meng Wanzhou. Talking at a round table at Portable World Congress in Barcelona on the 24th of February, Huawei's rotating chairman, Guo Ping, says that,

"Huawei needs to abide by Chinese laws and also by the laws outside China if we operate in those countries. Huawei will never, and dare not, and cannot violate any rules and regulations in the countries where we operate."

New security flaws in 4G and 5G




Security researchers have found three new security flaws in 4G and 5G, which could be exploited to intercept the phone calls and track the location of a cell phone.

Discovery of the flaws is said to be a huge set back for both 4G and the new 5G technology, which is much more faster, and has better security, it is particularly against the enforcement law of cell site simulators, known as “stingrays.”

“Any person with a little knowledge of cellular paging protocols can carry out this attack,” said Syed Rafiul Hussain, one of the co-authors of the paper, said in an Email interview with TechCrunch.

The team includes Syed Rafiul Hussain, Ninghui Li and Elisa Bertino from the Purdue University, and Mitziu Echeverria and Omar Chowdhury from the University of Iowa. They have revealed their findings at the Network and Distributed System Security Symposium in San Diego on Tuesday.

The paper includes details of the attacks that could be implemented.  The first is "Torpedo, which exploits a weakness in the paging protocol that carriers use to notify a phone before a call or text message comes through. The researchers found that several phone calls placed and canceled in a short period can trigger a paging message without alerting the target device to an incoming call, which an attacker can use to track a victim’s location. Knowing the victim’s paging occasion also lets an attacker hijack the paging channel and injector deny paging messages, by spoofing messages like Amber alerts or blocking messages altogether," reported by TechCrunch.

According to security experts, most of the operators in the US including AT&T, Verizon, Sprint and T-Mobile are affected by Torpedo, and the attacks can be carried out with radio equipment costing as little as $200.