With the advent of 5G, mobile networking is undergoing a huge transformation. The 5G network offers a number of benefits and improvements, including faster network connectivity, lower latency, and up to 100x more connected devices in an area. With these new capabilities, a mobile network can now support a greater number of connected devices, subsequently creating opportunities for increased business use of mobile and Internet of Things (IoT) devices.

Security Challenges of 5G

The new 5G network provides a wide range of benefits should enterprises choose to take advantage of it. Conversely, it creates security challenges for these organizations as well.

Decreased network visibility

One of the greatest challenges facing enterprise security teams is a growing lack of visibility into their enterprise network traffic. While these teams can monitor business traffic over their broadband Internet and multiprotocol label switching (MPLS) links, they are blind to traffic flowing directly to cloud resources over the public Internet or the use of mobile networks by company-owned devices.

With 5G, this visibility problem will increase. Higher network speeds and bandwidth on mobile networks will encourage the use of these networks for corporate IoT and mobile devices, increasing the percentage of corporate traffic into which the security team lacks visibility.

Expansion of the Internet of Things

In addition to high speeds and increased bandwidth, 5G also offers a 90% reduction in energy consumption, making it an ideal choice for power-constrained IoT devices. As a result, these devices will increasingly be connected to and accessible from the public internet.

IoT devices are notorious for their poor security, which includes the use of default passwords, insecure protocols, and built-in backdoors. Connecting these devices directly to mobile networks, where the company lacks visibility, will make them increasingly vulnerable to attack.

The limited 5G supply chain

In recent months, Huawei has frequently appeared in the news as countries consider banning the company’s systems from their 5G networks. These decisions are significant and newsworthy because there are few companies manufacturing the systems needed for 5G networks and Huawei is the largest.

With 5G, mobile networking has moved to primarily software-defined networking, meaning that programming errors in 5G systems can have significant impacts on mobile network security. Huawei components are known to have security vulnerabilities, which could potentially enable cyber criminals to exploit the 5G network and connected devices. Other vendors’ products could have similar vulnerabilities or be targeted by supply chain attacks.

Fake and vulnerable base stations

The 5G network is designed to move most of the network’s functionality to the edge, within 5G base stations.  With 5G, more base stations are required, and they cover a smaller geographic area. This shift to a greater number of more powerful cellular towers makes them a potential target of attack.  Alternatively, a fake base station can be used to eavesdrop upon or attack devices using the 5G network.

Security with 5G Networking

With the shift to 5G comes a need to redesign network security. Organizations can now attach more devices to mobile networks, which is already a place where they have limited visibility and security controls.

The rise of 5G requires a shift to a zero-trust security model. When devices connected to untrusted 5G networks become compromised, they can bring infections back to the trusted enterprise environment.  As devices flip between trusted and untrusted networks, organizations need the ability to identify all of the systems connected to their network and authenticate all requests from them to protected and sensitive resources.

Sources

https://www.datacenterknowledge.com/security/5g-adoption-should-change-how-organizations-approach-security
https://techcrunch.com/2019/10/09/european-risk-report-flags-5g-security-challenges/
https://threatpost.com/5g-and-iot-how-to-approach-the-security-implications/148681/