Innovative services for 5G networks pose risks

New network, new challenges
Innovative services for 5G networks pose risks



By Karl Heuser

Related providers

With every new opportunity that 5G opens up for digital service providers, there are also lucrative starting points for attackers. Now that network operators are setting up 5G standalone networks (SA), there is an even larger attack surface with even more valuable targets.

A quick response to a detected threat is important for the protection of 5G networks and the acceptance of services and services running from there.
A quick response to a detected threat is important for the protection of 5G networks and the acceptance of services and services running from there.

(Picture: © Yingyaipumi – stock.adobe.com )

The consequences of successful DDoS attacks are passed down, i.e. to the providers of 5G services. Accordingly, communication service providers (CSP) in the 5G network must take responsibility for the security of their services on several levels. First of all, it is important to ensure their reliability, which is highly dependent on network availability. Then loss or theft of data must be reliably prevented. And finally, it is important to meet regulatory or compliance requirements.

Companies fear network outages caused by DDoS

In particular, companies fear that their digital infrastructure will be exposed to additional attacks by 5G. According to a Accenture’s survey 35 percent of decision-makers in companies have concerns about 5G security. 62 Percent fear that 5G will increase the frequency of attacks. DDoS attacks on network availability are classified as the main cause of disruptions.

Additional problems for CSPs

According to the latest Threat Intelligence Report by Netscout in the second half of 2021, the mobile industry recorded a 38 percent increase in attacks worldwide, while many other telecommunications sectors recorded a decrease in the same period. This trend probably reflects the continued increase in gamers using Wi-Fi hotspots, as well as the rapid spread of 5G technologies and services.

Voice-over-IP (VoIP) communication providers have also been affected by high-profile DDoS extortion or ransomware DDoS attacks by a REvil copycat perpetrator. This resulted in an estimated revenue loss of $9 to $12 million. According to the North American Industry Codes, VoIP providers and their infrastructure fall under two primary industries: telecommunications companies and data processing hosting and related services (cloud computing). In the first category, attacks increased by 93 percent in the first half of 2021, while in the second category there was a significant increase in the EMEA region. In fact, the “Data processing hosting and Related services” category was the top destination in EMEA for the second half of 2021.

And with 5G SA, a new problem area is now being added. This is because 5G SA is changing the architecture of the mobile radio core and replacing it with a new 5G core based on a service-based architecture. The stand-alone variant (SA) also introduces a variety of new protocols as well as containerization and orchestration initiatives. Next-generation 5G services will run within a cloud-native architecture over new virtualized network infrastructures.

These 5G SA networks are currently still in the initial phase of rollout and enable mobile services such as Massive Machine Type Communication (MMTC) and Enhanced Mobile Broadband (EMBB). It is precisely this combination of the potential vulnerabilities of newly developing networks with communication processing that has only minimal human intervention that is exactly what attackers find so attractive as a target.

In addition, the spread of devices in the Internet of Things (IoT) has increased enormously in recent years. But each of these networked devices offers not only functionality, but also additional attack surfaces for DDoS attacks. And one thing is certain: the demand for new and expanded services via 5G networks will continue to increase over time. This inevitably leads to the use of more 5G devices and greater network usage, which opens up space for more attacks. This is how IDC predictsthat in 2025, 152,200 IoT devices will connect every minute.

What to do?

During the pandemic, providers are already recording peak numbers of service accesses in the previously established networks, in addition to data transfers for video conferences, streaming and games. Security concepts with high network utilization are therefore no foreign terrain for the operators. In order for new services and thus revenues to be generated via 5G networks, providers must also establish an adequate infrastructure for the protection of critical networks and services. It makes sense to take a risk-based approach to protecting services, because different services have different requirements and risk levels.

By taking a proactive approach to threat detection and mitigation, CSPs can respond more quickly to detected threats to protect 5G networks and accelerate the adoption of services running over them. For this purpose, service providers must ensure complete end-to-end transparency of service traffic both at the interfaces to the used network and within the packet core at the control level as well as for data transmissions at the user level in order to be able to identify and eliminate potential risks in the context in a timely manner.

Know what’s happening

As mobile malware continues to spread and more IoT devices are deployed, monitoring the botnet population is becoming increasingly important. To assess the threat situation and identify compromised devices, threat intelligence services are suitable that present current information on cyber attacks and other threats from different sources in a consolidated manner.

This allows you to initiate automated reactions to specific forms of attacks at all control and user levels as well as for the infrastructure used. After all, the ability of providers to quickly limit damage through direct interventions or network policy functions will ultimately have a decisive influence on their market positioning.

But not only the detection of threats is important, but also a continuous overview of changes in network, service and user behavior. The situational awareness developed in this way through consistent visibility and intelligent data metrics allows the proactive handling of threats and potential misconfigurations.

Karl Heuser.
Karl Heuser.

(Photo by Netscout )

All this can lead to a faster response to a detected threat, which, in essence, contributes to the protection of 5G networks, increases the acceptance of services running through them.

About the author

Karl Heuser is Account Manager Security DACH at Netscout.

Additional information on the topic

From the specifications for secure 5G services

Network and communication service providers (CSP) must pay attention to these aspects in order to secure 5G services in the best possible way:

  • End-to-end transparency of traffic within the packet core as well as at the interfaces of incoming and outgoing traffic.
  • Integration of functions to ensure security at both the user and control levels.
  • Implementation of automated attack detection, bandwidth limitation and damage prevention.
  • Ensuring continuous situational awareness through consistent transparency and intelligent data metrics.
  • Use of threat Intelligence Services as a tool to detect and defend against threats and to identify compromised devices.
  • Integration of data sources across the entire security and operational area as a tool for NetOps and SecOps teams.
  • Protection of the Services via a risk-based approach that takes into account different requirements and risk levels.

(ID:48362436)

Dr. Deniz Kucukkaya – One Of The Best Plastic Surgeons in Turkey

Istanbul, Turkey, 2nd Dec 2022 – If you need a plastic surgery and have...

GhostBed’s Best Ever Cyber Monday Mattress Sale – Up to 50 percent OFF + 700 dollar in Gifts

Great deals on mattresses and bedding products that make hitting the snooze button worth...

Genius X Introduces the Most Advanced Token Launchpad

Zug, Switzerland, 2nd December 2022, ZEXPRWIRE, Genius X, a business accelerator for fully-vetted, early-stage blockchain...