Built-In 5G Security Functions Will Need a Second Look
Among those functions, communications security protects against eavesdropping and modification attacks by encrypting traffic moving from device to cell tower. Identification and authentication of subscribers and Internet of Things (IoT) devices ensures only legitimate users can access the network.
Privacy comes from encryption of all data traffic, including phone calls, internet traffic and text messages, after mutual authentication on both ends of the communication. Security assurance is based on using network equipment that meets security standards and is implemented properly.
Still, despite built-in security features, several security issues must be tackled.
First, the initial wave of 5G networks will be built on previous generations of wireless networks and existing legacy infrastructure; these components may be untrusted or contain known vulnerabilities that can be exploited.
Second, some untrusted vendors may enter the race to bring 5G solutions to market early. Likewise, some solutions may be built without proper attention to security or may incorporate faults.
5G Requires New Protections for Expanded Security Parameters
Third, cybercriminals may try to install a back door into the core network to allow data to be intercepted and redirected. Improper deployment, configuration or management could also make the network vulnerable to disruption and manipulation. And because 5G dramatically extends the security landscape to the edge, new protections are needed between the infrastructure and the people and devices that use 5G.
Fourth, network slicing, a key aspect of 5G, splits the physical infrastructure into multiple virtual networks so operators can use the same network for different use cases. Each network slice may need specific security capabilities and require isolation to stop the spread of distributed denial of service attacks and other attacks.
Finally, the attack surface will definitely increase, creating a target-rich environment due to the number of devices and the amounts of data they communicate. Because IoT devices are inherently insecure, each additional device on the network increases the risk that the communications infrastructure could be exposed to bad actors.