5G Security Vulnerabilities

March 15, 2021
There’s a growing need for constantly connected computers and devices, the Internet of Things (IoT), and widespread smartphone use, which are what fuel this technology’s deployment. All of these demands […]

There’s a growing need for constantly connected computers and devices, the Internet of Things (IoT), and widespread smartphone use, which are what fuel this technology’s deployment. All of these demands have strained 4G LTE networks, creating the need for a network that’s more capable of handling our burgeoning connectivity requirements.

Therefore, operators across the globe are competing to roll out new 5G networks for their customers, while manufacturers are developing and producing 5G-ready devices to match. 

However, 5G is not without its drawbacks. 

All of its purported benefits aside, some have voiced their concerns about the network’s potential vulnerabilities. They say that the 5G network’s security is more evolved and efficient than that of the previous generations — but that doesn’t mean it’s impervious to criminal activity.

A recent Accenture study of over 2,600 businesses in a dozen industries across North America, Europe, and Asia Pacific found that 62% of the surveyed companies feared that 5G would leave them vulnerable to cyberattacks. 

While there are a variety of security concerns that pertain to all 5G networks, this article specifically highlights only those that affect standalone 5G networks.

Food for Thought from Our 2022 ICT Visionaries

Standalone (SA) Hazards

5G technology requires 2 streams: standalone (SA) and non-standalone (N-SA). The N-SA stream relies on old 4G infrastructure to work, as 5G standards need official approval and finalization first.

The standalone stream is a brand-new, end-to-end network that runs completely on 5G technology. Service providers need to implement SA 5G infrastructure completely in order to offer customers the improved capacities and low latency that the 5th-generation network has promised.

5G differs from previous networks in several ways. It’s a software-defined network that runs on network function virtualization. This system offers numerous benefits, but also makes the network notably more vulnerable to multi-dimensional cyberattacks.

Older networks, for example, make use of hardware choke points as they are hardware-based and centralized in nature. The digital routing of 5G, however, does not boast control and inspection choke points. 

International cybersecurity company Positive Technologies conducted an investigation into SA 5G. They aimed to assess its architectural security, the interactions between its network elements, and the viability of its registration and subscriber authentication processes.

Their probe uncovered 2 vulnerable protocols: PFCP and HTTP/2.

The exploitation of Packet Forwarding Control Protocols (PFCP) could result in the denial of service for customers. PFCP manages subscriber connections, and its sessions include 3 protocols. These are session establishment, modification, and deletion. Attackers can implement the denial of service attacks through session deletion or modification requests, or by the redirection of data through the latter requests.

HTTP/2 protocols also pose risks. The firm found that attackers could use these protocols to hack into network functions profiles and impersonate network services. HTTP/2 manages crucial network functions that register and save profiles on 5G networks. If an attacker gains access this way, they are able to view authentication statuses, subscriber settings, and current locations for network access. They may be able to delete NF profiles, potentially causing monetary losses and customer migration as a result.

It’s crucial to handle standalone 5G networks’ vulnerabilities properly, as network security problems could place essential services such as transportation, hospitals, and public utilities, in jeopardy. 

x-Tactics for Prevention

Only proper network configuration can put a stop to these kinds of attacks. Alas, the possibility of errors is present even then. Network operators need to conduct frequent security audits to identify and correct configuration errors before they’re exploited.

Operators need to prioritize regular security monitoring and improve their implementation of firewalls to keep unwanted third parties at bay. 

5G’s rapid speeds, ultra-low latency, and impressive bandwidth, will be highly advantageous to subscribers. That said, potential security risks are ever present. Therefore, it’s important for network providers and their clients to monitor and address them in a proactive fashion.

Like this Article?

Subscribe to ISE magazine and start receiving your FREE monthly copy today!

About the Author

Alex Thornhill

Alex Thornhill is Editor at Efficient iP, a network security and automation company, specializing in DNS-DHCP-IPAM (DDI). Since 2004, they have continued to expand their reach internationally, providing solutions, professional services and support all over the world with the help of select business partners. They have delivered successful projects to over 1,000 customers globally, and ensured operational efficiency through dedicated customer care. For more information, email Efficient iP ; and visit https://www.efficientip.com/.