5G's promises much more than lower latency and faster mobile browsing speeds. With 5G comes the potential for massive business transformation and digitalisation. It is fast-tracking and revolutionising the future of Industry 4.0 and critical infrastructure. One prerequisite is for 5G networking to be able to be operated securely. In this blog post, we would like to explain to you what needs to happen for this to be possible.
5G is everywhere in the media, and it is playing an important role in the ongoing digitalisation of society and industry. According to the GSM Association (the international association representing the interests of the mobile communications industry), 5G will make a tremendous contribution to the global economy in the future and drive the digital transformation. However, this will only be successful if companies can be sure that 5G networks and services are secure, because every new technological development also brings with it the prospect of new attacks by cyber criminals.
Digitalisation with 5G
Industrial and societal migration from 4G to 5G is underway, and the higher data speeds will be enjoyed by private end users. However, 5G development is clearly focused on industry and the potential that technological progress will offer. Edge computing becomes important here, because 5G supports and improves the increased networking and communication between devices via rapid wireless data transmission – in other words, the world of the (I)IoT. The opportunity for even faster wireless data transmission and lower latencies means that industrial processes can benefit hugely and become even more efficient as a result.
5G is (unfortunately) not risk-free
With every new technical development comes a new set of risks. In the private sector, the different mobile phone providers are responsible for ensuring the essential security of their networks. They must be able to safeguard their customers' data traffic against potential hackers. However, companies and industry will face new challenges in terms of cyber security when they use 5G. This is because integrating the new technology also creates some potential security risks.
The more devices and systems are networked with each other via real-time transmission, the more important it becomes to safeguard this data transmission, particularly as the data transmitted in an industrial context is particularly sensitive, and in the wrong hands could endanger the companies existence or, in the worst case scenario, even lead to the loss of human life.
Similarly, networks, along with network participants and usage, will change and significantly increase as a result of the real-time wireless transmission of data across spatial and temporal boundaries. This situation presents hackers with many potential points of attack. In particular, the lack of user visibility constitutes a special “opportunity” for cyber criminals.
Safeguarding 5G from potential cyber attacks
As an IT manager, the introduction of 5G presents you with complex challenges. With hybrid network use by various participants, you have to clearly manage which device and which user may access which data – and which one may not. Concepts and approaches like Zero Trust are highly relevant here. Otherwise, a confusing array of different network participants will quickly appear, with individual actions that are almost impossible to monitor. It is important here to find the right solution between the most effective protection and practicable implementation. 5G demands an (r)evolutionary progression in the way you think about security!
5G demands a new approach to security
This is because in 4G networks, the device-level attack surface was predominantly focused on just a few kinds of devices such as smartphones, tablets and LTE routers. However, with 5G, billions of IoT devices will appear on the threat horizon. IoT is “low hanging fruit” for attackers because, according to Unit 42 (the threat research arm of Palo Alto Networks), 98 % of all IoT traffic is unencrypted, which means that personal and confidential data is openly accessible on the network. Many IoT devices are unfortunately not designed for an environment like this.
On top of this, the traditional security approach in 4G networks centred on securing the perimeters. 5G networks are built on distributed software defined networks and cloud services, and they have software defined perimeters with open interfaces. 5G network functions are containerised and run on different cloud stacks. In this kind of environment, perimeter protection models are definitely obsolete. Modern models are called for, given the massive growth of the industry and the connectivity of the Internet of Things (IoT), as well as cloud services and edge computing. For example, ML (machine learning)-powered NGFWs from Palo Alto Networks deal with these new challenges of 5G network security.
Another advantage over earlier mobile networks is end-to-end slicing. This means that simultaneously several end-to-end network slices with different bandwidths and quality of service (QoS) can be set up within the same 5G network. However, this also means that all these network slices require bespoke security policies and dynamic security measures.
Only security can make networks 5G-ready
In order for 5G to deliver on its promise of enabling smart supply chains, autonomous transport, smart manufacturing and much more, it must offer enterprise-grade security. Service providers will play a key role in making their 5G networks secure – and they are making huge investments in this area here in Switzerland. But ultimately, anyone rolling out business applications on 5G needs to be mindful of this security and potentially provide additional security. A truly 5G-enabled network requires a comprehensive and robust security strategy. Among other things, this means:
Complete visibility, auditing and control at all network levels, from applications to signals to data.
Cloud-based threat analysis (using machine learning) for all access points and environments.
An orchestrated platform for the consistent, network-wide enforcement of security policies.
Transparency – the Be All and End All (and not just for 5G)
The primary aim in making 5G secure is for there to be visibility and constant real-time monitoring of the 5G signaling and data layers, in order to be able to detect security threats and attacks. For example, the 5G interfaces N2, N3, N6, N9 and N11 play an important role in this – see the graphic below. The next step is to prevent known attacks, threats and vulnerabilities automatically. These will have been detected by the network operator using constant real-time monitoring.
5G-Referenzarchitektur unseres Partners Palo Alto Networks
 N2: Reference point between the (R)AN ((Radio) Access Network) and the AMF (Access and Mobility Management Function)
N3: Reference point between the (R)AN and the UPF (User Plane Function)
N6: Reference point between the UPF and a Data Network
N9: Reference point between two UPFs (User Plane Function)
N11: Reference point between the AMF and the SMF (Session Management Function)
If malware manages to take control of IoT and mobile devices, it could coordinate simultaneous attacks on the data plane of thousands of infected devices via a C2 server. This attack is not done via the usual suspect, an internet interface (N6), but using an infected device interface (N3). If there is inadequate security on the N3 interface, the 5G core will experience overloads and possibly even failures. Other types of malware could launch attacks on the signaling layer, so it is also important to detect and prevent attacks of this kind on the N2 interface. Finally, attacks can be launched from a roaming N9 interface from another network or country.
This security visibility and prevention must be smart and able to correlate attacks, threats and vulnerabilities with the real 5G subscriber and device identities. This is the only way to automatically identify threats and attacks and enforce security mechanisms in a granular way. For unknown zero-day threats, machine learning (ML) can help to smartly stop threats, secure devices and recommend security policies. Just as important as the security of the signaling layer is the security of the data layer. In the past, standardisation bodies have emphasised the security of the signaling layers. However, the GSMA has now also included data layer security considerations in the new FS.37 reference document.
5G security is also container security
The 5G core network is fully containerised and designed for Kubernetes environments. Consequently, it needs to be secured via cloud security posture management, cloud workload protection, cloud network security and cloud infrastructure permissions management.
Cloud security posture management involves monitoring the security posture, detecting and responding to threats, and maintaining compliance.
Cloud workload protection includes securing hosts, containers and serverless environments across the entire application lifecycle (i.e. host, container, serverless and API security).
Cloud network security includes monitoring and securing cloud networks and enforcing identity-based micro-segmentation.
Finally, cloud infrastructure entitlement management is used to enforce permissions and secure identities (identity and access management, IAM) across workloads and clouds.
5G security should be able to be implemented on any cloud platform – private or public, in multi-cloud and multi-vendor environments, in the service provider's 5G core network or MEC (multi-access edge computing).
5G Technology: Going securely into the future
Enterprise-grade 5G security will help to unlock the potential of technology and drive business transformation and digitalisation. It will also help unlock opportunities in the accelerated, revolutionised future of Industry 4.0 and critical infrastructure.
The adoption of 5G may be controversial for many companies in terms of cybersecurity, but the benefits and business opportunities that arise for companies from using 5G technology are compelling.
The issue of cyber security should be prioritised up front to ensure that 5G is securely implemented. A well thought-out security strategy is a prerequisite for a secure, positive 5G roll-out It is imperative to have experienced and well-trained experts to ensure an optimal strategy and continued security.
If you have any questions about adopting a 5G-ready security strategy, Palo Alto Networks' 5G-enabled NGFWs or security in 5G or IoT environments in general, please contact us for a consultation at any time. We look forward to hearing from you!