

12.19.19 – SIW –

5G is heralded as the most secure cellular technology to date, but some recent well-publicized exploits shouldn’t be ignored

Blazing fast wireless 5G networks are already beginning to pop up in a few major metropolitan areas in the U.S. and across Asia and Europe. Although the promise of 10 Gbps and 20 Gbps speeds is enticing, we shouldn’t get too excited just yet. It could take many years for 5G to become ubiquitous since the technology requires a very high density of antennas or “small cells” to be deployed.

While there is a lot of pent-up demand for higher speeds among consumers, it’s the enterprise that may reap the initial benefits of 5G. Companies like Verizon, AT&T, and T-Mobile are banking that “network slicing” is going to be a hot new product in their portfolio, and there are some good reasons why. Just like fiber in the ground can be divided into wavelengths and sold as virtual networks, 5G frequency can also be “sliced” into different segments to be sold to different industries. These network slices can have different characteristics. For instance, a low latency slice might be sold to a hospital performing robotic surgeries. Or, a less-expensive, slower pipe could be sold to an IoT service that only needs to report inventory once a day, like smart vending machines.

The 5G deployments that have really captured the carriers’ interest are replacements of traditional last-mile technologies. Last-mile technologies like Fiber-to-the-Curb can now all be replaced with 5G. The technology does require a significant investment from the carriers, since a higher frequency is deployed, which doesn’t travel as far. Instead of traditional cell towers, mobile operators will need to deploy many “small cells,” or miniature towers, and they will need to deploy a lot of them. Still, small cell density translates to greater speed for the enterprise. It’s faster than Wi-Fi, and many employees may opt to connect to the company 5G network over Wi-Fi because of that.

But is it Safe?

5G has been heralded as the most secure cellular technology to date, but some recent well-publicized exploits shouldn’t be ignored. The 3GPP governing body that maintains the 5G specs is already amending the security stack for 5G based on some recent findings published at Black Hat. Researchers discovered that both 4G LTE and 5G networks called for the unencrypted transmission of device capabilities that could leave some devices susceptible to man-in-the-middle attacks. Hardening the security protocols around 5G is a smart thing to do before deployments are widespread, but it is alarming that exploits are appearing long before 5G networks have even rolled out in much of the world.

As consumers and companies alike rush to adopt 5G, what are the biggest concerns that come with adopting it?

In a published report, the U.S. Dept. of Homeland Security cited both supply-chain trust as well as carrier dependencies on vendors due to proprietary deployment models as big concerns. Case in point, Huawei is one of the biggest manufacturers of 5G infrastructure equipment, but they are no longer trusted by the U.S. government, which has gone so far as to publicly caution allies about deploying their 5G equipment. Even if your home carrier doesn’t deploy Huawei or other untrusted vendor equipment, phones are by definition mobile and will be roaming onto many 5G networks that run on Huawei during their lifespan.

There are also risks that reside in the networks themselves. At their inception, 5G networks will be closely tied into 4G networks and will inherit some of the risks involved with 4G in addition to those found in 5G. As noted earlier, researchers at Black Hat already announced some early 5G vulnerabilities in the form of a mobile network mapping exploit where a hacker could potentially gain details about a device, such as its type and OS and, more importantly, its location.

With more small cells than traditional 4G towers, there are also more opportunities for a cell to be misconfigured in a way that leaves it open to an exploit. Tucked among a dense forest of 5G networks, it may also be easier to run a rogue small cell without being discovered. Hackers may simply be able to hide in plain sight, protected by the sheer volume of transmission equipment needed to run a 5G network.

With time, there is also going to be a loss of competition and trusted options. This risk affects carriers that may be locked into contracts with untrusted suppliers because of proprietary technology components. Since 5G will initially be intermingled with 4G, mobile operators may be locked into making choices that can compromise the security of their networks.

One of the more promising aspects of 5G is the ability for carriers to deploy low latency networks with a 1 ms response time. Since devices connected to a 5G network can make decisions quickly, we may see new capabilities for self-driving cars, remote robotic surgeries, and many other applications that require decisions to be made in single-digit milliseconds. However, the nature of these just-in-time applications means the risk vector is also multiplied. While we’ve seen several recent successful ransomware attacks against small cities in the U.S., imagine the consequences if malicious actors were able to infiltrate a 5G network to hold an entire “smart city” hostage, including all the city hospitals, traffic lights and cameras, and even the power grid.

How to Mitigate 5G Risks

As technology evolves beyond the traditional boundaries of corporate perimeters, companies can no longer be certain of the integrity of the network. Organizations need to shift their focus to embrace an approach of never trusting, always verifying the endpoints that access these networks. That means taking a layered approach to security. Is the device on the 5G network compromised? Is it being targeted in a man-in-the-middle attack? If the device is untrusted, should it be able to access company content, whether it resides on the device, in the company network, or in the cloud?

If we can’t trust the network and we are also facing threats that we don’t yet know about like zero-day exploits, how do we need to modify our security practices? From an enterprise perspective, it’s clear that a new approach is required.

● Acknowledge that the firewall is dead: Company networks and data don’t reside behind a firewall anymore. Both 5G and the rapid growth of SaaS have changed all that. Once we’ve acknowledged this, we can take steps to address the challenges of 5G networks that don’t respect network perimeters.

● Adopt a Zero Trust approach: While we don’t know a lot about the risks that will emerge with 5G, a mobile-centric zero trust approach to security can mitigate many of the risks. Zero trust assumes that bad actors are already in the network and secure access is determined by a “never trust, always verify” approach. A mobile-centric, zero trust approach validates the device, establishes user context, checks app authorization, verifies the network, and detects and remediates threats before granting secure access to any device or user. It ensures only authorized users, devices, apps, and services can access business resources.

● Improve internal security hygiene: This may go without saying, but make sure you are leveraging encryption, especially when it comes to transmitting data. This is often overlooked when it comes to internal app development, work often done by third-party contractors. You can’t simply develop an app and let it remain stagnant for years. Incorporate the latest SSL and TLS libraries into your apps and bring security to the forefront in all of your development practices. And above all, never transmit any data in the clear.

● Leverage machine learning to protect against Zero-Day exploits: We don’t know when and where the next 5G exploit will appear, so we need to prepare ourselves for the unknown. Deploying a threat defense solution that can analyze potentially harmful behaviors by modeling them with machine learning and can detect them before they appear in the wild is a great first step. Even though a threat solution may notify your organization about a threat, that won’t be sufficient. Make sure when you do detect a threat, you can take action to prevent the device from gaining unauthorized access to your data over the 5G network. An appropriate response might shut off the exploited device from accessing company or cloud resources, or even wipe important data from the risky device.
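
The access decision described in the Zero Trust and threat-response bullets can be sketched as follows. This is an added example, not code from the article or from any vendor product; the signal names, the `decide` function and the action labels are assumptions. It denies by default and treats a signal that was never reported as a failed check.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# The five gates named in the Zero Trust bullet, evaluated in order.
# Each signal is True (passed), False (failed) or None (never reported).
CHECKS = ("device_valid", "user_context_ok", "app_authorized",
          "network_verified", "threat_free")

@dataclass
class AccessRequest:  # hypothetical posture record for one request
    device_valid: Optional[bool] = None
    user_context_ok: Optional[bool] = None
    app_authorized: Optional[bool] = None
    network_verified: Optional[bool] = None
    threat_free: Optional[bool] = None
    holds_sensitive_data: bool = False

def decide(req: AccessRequest) -> Tuple[bool, List[str], str]:
    """Return (allowed, failed_checks, action). Deny unless every gate is True."""
    # Fail closed: None (missing signal) counts as a failure, same as False.
    failed = [c for c in CHECKS if getattr(req, c) is not True]
    if not failed:
        return True, [], "none"
    # A positively failed device or threat check means the device itself is
    # suspect: cut it off from company and cloud resources, and wipe the
    # data it holds if that data is sensitive.
    compromised = req.device_valid is False or req.threat_free is False
    if compromised and req.holds_sensitive_data:
        return False, failed, "quarantine_and_wipe"
    if compromised:
        return False, failed, "quarantine"
    # Anything else (unverified network, missing signal): refuse this request.
    return False, failed, "deny"

# Constructed sample requests.
ALL_OK = AccessRequest(True, True, True, True, True)
NO_NETWORK_SIGNAL = AccessRequest(True, True, True, None, True)
THREAT_FOUND = AccessRequest(True, True, True, True, False)
BAD_DEVICE_WITH_DATA = AccessRequest(False, True, True, True, True,
                                     holds_sensitive_data=True)

if __name__ == "__main__":
    for r in (ALL_OK, NO_NETWORK_SIGNAL, THREAT_FOUND, BAD_DEVICE_WITH_DATA):
        print(decide(r))
```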

While there are promising aspects to 5G, companies and consumers alike need to recognize the risks that come with deploying faster network speeds. 5G speeds are coming and nothing can slow that down — but from a security perspective, it is critical that we shift to a zero-trust mindset before we can fully embrace the benefits that come with it.

About the Author:

Russ Mohr is the Director of Sales Engineering for MobileIron. He manages a team of Sales Engineers aligned to the company’s North and South American carriers and channels as well as its direct Corporate SE team.