Thales is working closely with mobile network operators to help them build robust new standalone 5G infrastructures.
In this article, we explore the three main 5G security challenges:
- 5G virtualisation
- 5G IoT new vulnerabilities
- 5G risks at the edge (private network slicing)
You will also see how Thales' 5G security solutions can protect the devices, identities and data that comprise the fast-expanding new networks.
Let's dig in.
5G and security: new challenges?
The good news?
For most of its history, the mobile industry has avoided the security scandals that have beset many industrial sectors.
Mobile subscribers have not suffered from the mass theft of private data or user identities.
Why?
Because existing cellular networks are built on proprietary physical infrastructure, and network functions reside on hardware platforms.
Attacking this physically isolated infrastructure is much harder than attacking the software-based cloud systems underpinning today's corporate structures.
5G changes that. Well, potentially.
#1. The virtual nature of the 5G network
Why? Because 'standalone' 5G architectures will be managed through software rather than hardware.
The virtual nature of the 5G network core makes it vulnerable in new ways.
When a network resides in software, there is a danger of cross-contamination and data leakage.
Automation can also speed up the spread of bad decisions and malware. Malicious actors are waiting to take advantage of these flaws.
An investigation by the cybersecurity firm Positive Technologies highlighted the need for good 5G security. It concluded:
And there's more.
#2. The 5G IoT: 25 billion entry points for attackers?
In addition to a vulnerable software-defined core, the arrival of 5G also increases the attack surface available to cyber attackers.
Previous generations of cellular technology targeted individual (human) subscribers. While there was some growth in connected 'things', 5G promises to expand this market vastly.
Ericsson says that cellular IoT connections could hit 24.9 billion by 2025.
That means 24.9 billion potential entry points for attackers, each lacking a human 'owner' to make intelligent decisions that might combat a threat.
Indeed, Irdeto's 2019 Global Connected Cybersecurity Survey reported that 80% of IoT devices used or manufactured by large enterprises had experienced a cyber attack in the previous 12 months.
And finally, there is the 5G security risk from private network slicing.
#3. The new 5G risks at the edge
The virtual nature of the standalone 5G core makes it possible to allocate capacity to private enterprises.
In other words, businesses can run their own 5G private networks at the 'edge'.
This is exciting.
This feature allows enterprises to connect people and machines at high speeds and low latency.
But it also brings with it many new security issues, such as:
- Every slice must be fully autonomous, even if it shares the same underlying MNO infrastructure. There should be no way for a virtual network function to access another slice.
- Enterprises need to authenticate securely into their private networks.
- MNOs must ensure they cannot view the enterprise's data.
- Data stored at the edge needs to be secured far from the relative security of the core.
Enterprises have many years of experience working with specialist cloud service providers. Yet, despite billions of dollars of investment in data security, data breaches always occur.
Now, MNOs are targeting these same enterprises with the offer of 5G private networks.
They must better protect enterprise data while complying with emerging privacy regulations in different regions.
Thales 5G security solutions – securing networks, people and things
The nature of the 5G security threat might be complex, but the fundamental defence is straightforward:
- Protect people, devices and infrastructure
- Build in security by design
- Encrypt data at rest and in motion
- Ensure the accurate authentication of all participants on the network
Let's see how Thales' solutions offer protection at every stage.
5G security at the network level
Thales offers multiple solutions to help MNOs secure their new software-defined 5G infrastructure.
They include:
- Luna Hardware Security Modules (HSMs)
With 5G networks being built on software-based paradigms, HSMs can deliver a Root of Trust (RoT) to ensure security from the infrastructure to the application.
- High-Speed Encryptors (HSE)
Securing data in motion is a challenge. Thales HSEs offer a flexible and easy-to-manage interface to secure data in motion for the mobile backhaul at speeds up to 100G.
- CipherTrust Transparent Encryption
On 5G, different data types are processed at locations from the edge to the network core. CipherTrust transparent encryption offers granular access control on sensitive data without modifying applications.
- CipherTrust Manager
Encryption must always be linked to strong key management. CipherTrust Manager centralises the crypto key lifecycle management process.
5G security for people and things
The foundation of security in a mobile network is ensuring that the subscriber's identity (whether person or thing) cannot be stolen or faked.
This is what the embedded secure element does. It's a tamper-proof chip that resides in any mobile device.
The embedded secure element allows telcos to store sensitive services such as payment, couponing, e-government, and more on the SIM. It ensures all data and keys are stored safely and shared only with authorised applications and people.
Thales is a leader in this space. And we have now started to apply the secure element tech to the IoT space.
We first implemented the GSMA's IoT Safe specifications to secure and trust all machine and network exchanges.
This step is critical since any IoT cloud service must have absolute trust in the data received from IoT devices.
5G security – assessment and detection
Even the most robust defences will still come under attack.
For this reason, it is essential to monitor networks constantly – and react when hackers strike.
Thales' Critical Information Systems (CIS) division can run vulnerability assessments and stage simulated attacks to reveal worst-case scenarios.
Thales will even set up staffed security operation centres to observe threat activity 24/7.