Intelligent CIO Europe Issue 20 | Page 42

FEATURE: MOBILE SECURITY ////////////////////////////////////////////////////////////////////////// As cutting-edge technologies are introduced to the market, security concerns develop accordingly and using security as a criteria for quality will enable operators to remain competitive. Experts outline some of the greatest risks facing 5G networks as they begin to launch around the world. P ositive Technologies has released its report, 5G Network Security: Vulnerabilities Old and New, which outlines some of the greatest risks facing 5G networks as they begin to launch around the world. 5G promises superfast connection speeds, ultra-low latency and greater capacity which represent huge opportunities for operators to transform their businesses, allowing them to offer new services and generate revenue through previously unavailable means of monetisation. However, these opportunities will be accompanied by risks. Positive Technologies experts pioneered research into telecom security. The company was the first to discover the security issues associated with SS7 back in 2014, showing how such flaws could be exploited for everything from remotely intercepting phone calls, to bypassing 2FA for access to social media profiles. With its deep knowledge of the latest 5G networks, the report outlines what is known about the standardisation and architecture of 5G networks, and what security issues could come to the fore as a result. Vulnerabilities inherited from legacy networks Positive Technologies experts highlight that many 5G networks will have known vulnerabilities from day one, due to the fact they rely on existing 4G infrastructure. According to 3GPP Release 15 for 5G which came out in summer 2018, the first wave of 5G networks and devices is classified as Non-Standalone (NSA). In other words, devices will connect to 5G frequencies for data transmission when needing greater bandwidth and lower latency (such as for communication between smart cars), or to reduce power draw on IoT-enabled devices, but will still rely on 4G and even 2G/3G networks for voice calls and SMS messaging. Therefore, at least during the transition period, future 5G networks will inherit all the vulnerabilities of previous generations. Every diameter-based 4G network examined in a recent security audit was found to contain vulnerabilities which hackers could exploit to perform a range of illegal actions, such as locating users, intercepting SMS messages and instigating denial of service (DoS) attacks. This means the first 5G networks will remain vulnerable to these attacks. Jimmy Jones, Telecom Business Development Lead, said: “Operators and equipment manufacturers alike have a unique chance to avoid repeating the mistakes of previous generations, where network security issues had to be resolved on the fly in active infrastructure. Acutely aware of the vulnerabilities that may lay ahead, they can Experts discuss 5G launching with security flaws 42 INTELLIGENTCIO www.intelligentcio.com