SoS Musings #41 - 5G Security: Are We Ready?

SoS Musings #41 -

5G Security: Are We Ready?

The improvements offered by the 5G mobile communication standard are expected to be accompanied by new security challenges. 5G is the fifth generation of wireless technology that is being rolled out by all of the US carriers, including Verizon, T-Mobile, and AT&T, nationwide. A survey conducted by Gartner, a global research and advisory company, predicted that more than 60% of organizations had made plans to adopt 5G by 2020; many of these companies will use 5G networks mostly for supporting IoT devices across their business. A report from Cisco predicts that 5G's significantly faster broadband will support over 12 billion mobile-ready devices and IoT connections by 2022, a much higher estimate than in 2017, which was 9 billion. This next generation of mobile internet connectivity is expected to improve our lives vastly by offering faster speed, lower latency, and increased capacity, increased bandwidth, and other benefits. However, 5G is expected to have a major impact on cybersecurity strategy, as indicated by a survey conducted by Information Risk Management (IRM), which revealed that over 80% of the participating senior cybersecurity and risk management decision-makers expressed concerns that 5G developments will introduce new cybersecurity challenges. It's essential to understand these challenges in order to prepare for them.

As a result of the transition from centralized hardware to distributed software-based functions, 5G networks create new opportunities for hackers to perform malicious activities. Accenture, a global professional services company, did a study in which over 2,600 business and technology decision-makers in 12 industry sectors in Europe, North America, and Asia-Pacific participated. The results of this study revealed that over 60% of them fear that 5G will increase their organization's vulnerability to cyberattacks. The Brookings Institution published an article highlighting a number of reasons as to why 5G networks are sparking security concerns. The 5G network transition from centralized, hardware-based switching practiced by earlier LTE mobile communications standards to software-defined, distributed digital routing removes the presence of hardware choke points where choke point inspection and control could be implemented. 5G now virtualizes higher-level network functions in software, which were previously performed by physical appliances, thus increasing their vulnerability to being hijacked by malicious actors. Even if all of the software vulnerabilities within the 5G network were to be addressed, software is now used to manage 5G networks, which could be infiltrated by an attacker to gain control over the network. The significant bandwidth boost offered by 5G networks will also increase the attack surface for bad actors since short-range, small-cell antennas placed in urban areas will proliferate and serve as new targets. Also, these cell sites will use 5G's Dynamic Spectrum Sharing technology, which is a technology that allows streams of information to share bandwidth in the form of slices, with each slice being at different levels of cyber vulnerability. The growth in IoT devices driven by 5G will also expand cyber risks as billions of new IoT devices with varied security levels are expected to connect to 5G networks. The security community must prepare for these new challenges.

Researchers have made efforts to discover new security flaws that impact the 5G networks. Researchers from Purdue University and the University of Iowa discovered 11 vulnerabilities in the design of 5G protocols that could be exploited by attackers to expose a user's location, change their current service to old mobile data networks, raise their wireless bill, as well as track their calls, text conversations, and web browser history. They also discovered the inheritance of vulnerabilities from 3G and 4G by 5G networks, stemming from the adoption of security features from these generations of cellular networks. These discoveries were made through the use of a custom tool they developed, called 5GReasoner. A comprehensive security analysis of the 5G standard conducted by researchers in the Information Security Group revealed security gaps associated with the 5G Authentication and Key Agreement (AKA) protocol, which is supposed to guarantee security by allowing the device and network to authenticate each other, ensuring data exchange confidentiality, and protecting the privacy of a user's identity and location. Using a tool they developed called Tamarin, they found that the 5G standard is not adequate enough to achieve the security objectives established by the 5G AKA protocol. Security gaps in the 5G standard could still allow the performance of traceability attacks despite the implementation of the 5G AKA. Researchers at Positive Technologies released a report covering the Diameter protocol, which is a component of the Long Term Evolution (LTE) standard that supports communication translation between Internet protocol network elements. 4G networks use this protocol for the authentication of authorization of messages, and, according to the report, architectural flaws in the Diameter protocol leave every 4G network vulnerable to Denial-of-Service (DoS) attacks. As 5G networks are built on the existing architecture and the protocol, they are also expected to inherit the existing security weaknesses. An article published by IEEE Spectrum further highlights 5G networks' inheritance of 3G and 4G security flaws stemming from the different timetables for 5G deployments among network operators. Since 5G networks will have to work in conjunction with legacy networks for the next few years, the next-generation cellular networks will remain vulnerable to spoofing, fraud, user impersonation, and other attacks. Network operators' continued dependence on the General Packet Radio Service (GPRS) Tunneling Protocol (GTP), used to carry packets between different wireless networks, will also leave 5G networks vulnerable to attack as the protocol contains several vulnerabilities, one of which could allow an attacker to steal credentials or spoof user session data to impersonate a user.

In efforts to address 5G network security, Idaho National Laboratory (INL) established the INL Wireless Security Institute last year, to guide and organize research efforts of government, academia, and industry aimed at improving the security of 5G wireless technology. The Cybersecurity and Infrastructure Security Agency (CISA) released a strategic plan for 5G infrastructure outlining five strategic initiatives with specific actions and responsibilities that seek to ensure the security and resilience of 5G technology in the United States. These initiatives include supporting the development of 5G policies and standards, raising situational awareness of 5G supply chain security, partnering with stakeholders to bolster existing infrastructure, increasing the number of trusted vendors in the 5G marketplace by encouraging innovation, and sharing information about newly discovered vulnerabilities and risk management strategies associated with 5G technology. These efforts require increased collaboration and information-sharing. Verizon recently shared details about its efforts to enhance 5G network security, which include exploring the use of an Artificial Intelligence (AI) and Machine Learning (ML) security framework to detect security anomalies and analyze the performance of cell towers. Other 5G network security solutions being tested by Verizon apply network accelerators and data fingerprints to increase the speed at which security breaches are detected and help companies determine whether the integrity of their data has been compromised following a cyberattack. Such efforts must continue to be made to strengthen 5G security.

As the adoption and implementation of 5G technology continues to grow, technical solutions, protocols, and research in support of bolstering 5G security must continue to be developed, validated, and conducted.