Ignacio Herrero, NetNumber’s Sales Director for Southern Europe
I had the opportunity earlier this month to speak at the virtual 5G Forum. My chosen topic was no small matter—the challenges and requirements of securing 5G signaling networks. With our digital lives, not only our data but our finances and even our health will depend on the security of 5G networks.
5G networks are the infrastructure of the future—and they will revolutionize industries by allowing users to access more data than ever before. By 2026, there will be more than 3 billion 5G subscribers. And 5G will be the primary infrastructure for connecting businesses and people with each other. The world’s data will rely on the security of these networks. And signaling will play a key role in orchestrating the services that make these connections happen—securely.
In 5G the need for security is going to be bigger than ever. The ubiquity of applications that will use 5G will require sharing sensitive data including personal identifiable information (PII) or a user’s location. Some of these uses will even be mission critical, such as autonomous driving or video connections for remote surgery. This information is gold to bad actors, and network providers must be ready for more frequent and complex attacks, especially when some situations are literally life or death. Service providers need the capacity to quickly address new demands facing business, adapt to the changes needed and all the while protect the processes and IP (intellectual property) for each industry.
Some good news: unlike previous network technologies, 5G standards are being defined using lessons learned from previous generations, but we cannot think about 5G in isolation. 5G must work intergenerationally with 2G, 3G, and 4G, all of which did not have security front of mind.
In principle, the designs that are being applied to the 5G network require mutual authentication. This means that both the sender and the receiver are known, and also have a trusted relationship. We must eliminate the presumption that we have maintained with previous network technologies that our internal network environment is secure.
It is not. It is vulnerable.
We also must understand that any point of the network can be breached. There are more than 800 mobile operators and carriers in the world interacting, thus securing signaling traffic must be of the highest priority. Service providers must protect against other networks and external malicious actors first to be able to protect their own network core, subscribers, and their data. At any point the network may be breached, necessitating an active contextuality check of each message (right message in wrong context—a dead give-away of illicit activity) and lastly that data be fully encrypted end-to-end, internally and across networks. In the certain event of breaches, these three measures together suppose more reliable obstacles against the malicious agents.
Therefore, we must keep an eye on our 5G network against all threats, both from within and from outside of the network. Service providers must protect their network from other networks and external malicious actors. This is key to protecting their own network core and their subscribers’ data.
Summarizing, 5G promises to shake up the world, and enable us to overcome many of the limitations of current network technologies—like Industry 4.0, automation, very innovative and pervasive services in all aspects of our lives (Society 5.G), and the ability to modify and tune these services very quickly.
Yet all forecasts agree, there will be a long period of evolution and adoption of 5G. For many years to come, there will be coexistence with 2G, 3G and 4G technologies. Our 5G will only be as secure as is the weakest link in our legacy technologies. We need to think about 5G not in isolation, but in an intergenerational way. And that applies to security as well.