Countries are now racing to deploy 5G, short for 5th generation mobile networking or 5th generation wireless systems. The Fifth Generation (5G) mobile networks promise fast Internet for everyone, smart cities, driverless cars, critical health care, “internet of things” revolution, and reliable and secure communications for critical infrastructures and services. The coming 5G standard will offer towering benefits, such as enhanced speed and performance, lower latency, and better efficiency.
But it will also come with risks. Mobile communications systems have evolved through wireless technology innovation into 2G, 3G, and then 4G to keep pace with ever-increasing voice and data traffic. Security mechanisms have also been enhanced in mobile communication systems. For instance, one-way authentication in 2G has been elevated to mutual authentication in 3G & 4G; key length and algorithms are becoming more robust; as mobility management is improving, a forward key separation in handovers has been added in 4G; also more effective privacy protection is considered. However, 5G is no longer confined to individual customers. It’s not simply about having a faster mobile network or richer functions in smartphones.
Although 5G is susceptible to many of the same cybersecurity risks found in today’s existing telecommunications and enterprise networks, it’s also subject to new avenues of attack against core network services due to a more complex ecosystem of technologies and operations.
5G Security Vulnerabilities
In a paper titled “A Formal Analysis of 5G Authentication,” researchers from ETH Zurich, the University of Lorraine and the University of Dundee warned that 5G could usher in a new era of security threats. 5G presents new risks because It’s an immature and insufficiently tested set of technologies; It enables the movement and access of vastly higher quantities of data, and thus broadens attack surfaces, and We will depend on it more than 4G for mission-critical applications. 5G systems are going to be service-oriented. This implies there will be a special emphasis on security and privacy requirements that stem from the angle of services. The rise of new business, new architecture, and new technologies in 5G will present new challenges to security and privacy protection.
5G will also bring a more complex network topology, which could offer opportunities for hackers. The network has moved away from centralized, hardware-based switching to distributed, software-defined digital routing. Previous networks were hub-and-spoke designs in which everything came to hardware choke points where cyber hygiene could be practiced. In the 5G software-defined network, however, that activity is pushed outward to a web of digital routers throughout the network, thus denying the potential for chokepoint inspection and control.
Because 5G networks will be mostly software-defined networks, future upgrades will be software updates and thus will be vulnerable to much like the smartphone upgrades. 5G networks will support a massive number of connected devices, which together with elevated use of virtualization and the cloud will equate to many more 5G security threats and a broader, multifaceted attack surface.
5G is linked through an Application Programming Interface (APIs): 5G leverages APIs to enable communications between service functions. Insecure APIs can expose core services to attack and place the entire 5G network at risk. The example of SolarWinds, NotPetya and CCleaner shows that an attack on a single API could jeopardise the entire infrastructure.
5G connects the virtual and real worlds: 5G is based on decomposed, virtualized, and distributed network functions. This type of convergence both exposes new points of cyberattack and leads to challenges in cybersecurity management. Moreover, the connection of virtual and real worlds by 5G means If a particular network infrastructure is compromised, the consequence will not only be limited in the digital world. On the other hand, attackers can target connected physical devices such as sensors and cameras and enable them to be taken over and used for distributed denial-of-service (DDoS) attacks.
In a world of interconnected networks, devices, and applications, every activity is a potential attack vector. This vulnerability is only heightened by the nature of 5G and its highly desirable attributes. The world’s hackers (good and bad) are already turning to the 5G ecosystem, as the just concluded DEFCON 2019 (the annual ethical “hacker Olympics”) illustrated. The targets of this year’s hacker villages included key parts of the 5G ecosystem such as aviation, automobiles, infrastructure control systems, privacy, retail call centers, and help desks, hardware in general, drones, IoT, and voting machines.
Security researchers at Purdue University and the University of Iowa have found close to a dozen vulnerabilities, which they say can be used to track a victim’s real-time location, spoof emergency alerts that can trigger panic or silently disconnect a 5G-connected phone from the network altogether. The researchers expanded on their previous findings to build a new tool, dubbed 5GReasoner, which was used to find 11 new 5G vulnerabilities. By creating a malicious radio base station, an attacker can carry out several attacks against a target’s connected phone used for both surveillance and disruption. All of the new attacks can be exploited by anyone with practical knowledge of 4G and 5G networks and a low-cost software-defined radio, said Syed Rafiul Hussain, one of the co-authors of the new paper.
In one attack, the researchers said they were able to obtain both old and new temporary network identifiers of a victim’s phone, allowing them to discover the paging occasion, which can be used to track the phone’s location — or even hijack the paging channel to broadcast fake emergency alerts. This could lead to “artificial chaos,” the researcher said, similar to when a mistakenly sent emergency alert claimed Hawaii was about to be hit by a ballistic missile amid heightened nuclear tensions between the U.S. and North Korea.
Another attack could be used to create a “prolonged” denial-of-service condition against a target’s phone from the cellular network. In some cases, the flaws could be used to downgrade a cellular connection to a less secure standard, which makes it possible for law enforcement — and capable hackers — to launch surveillance attacks against their targets using specialist “stingray” equipment.
IDST Monthly Access Membership Required
You must be a IDST Monthly Access member to access this content.