As 5G grows, operators must act swiftly to word off bad actors, especially with COVID-19 adding stress to wired and wireless networks. Networks need digital twins and the industry needs a certification body.
Our new collective reality has brought renewed focus to technology’s vital role in enabling communication, eliminating barriers and powering new experiences. The journey to 5G may have hit some bumps globally this past quarter, but from our engagement with customers, strides continue to be taken toward development and deployment. And as we get a view of the near-term use cases that 5G will be asked to support, operators are increasingly focused on network security posture. Now, more than ever, they are beginning to embrace a proactive risk mindset.
As cities struggle to contend with fallout from the COVID-19 crisis, a magnifying glass is being put on supporting infrastructure. You can now easily understand the vulnerabilities that 5G’s larger attack surfaces expose to bad actors. The 5G network is seen as a desirable target because it’s still in the early days. The number of endpoints and devices connecting to the network grow each day and now at an even faster pace with a significant number of citizens working remotely, giving bad actors more ways to find and exploit vulnerabilities. While “security by design” is an essential step, it is not a panacea for eliminating the possibility of a security incident that takes a 5G service completely offline. We have seen in the headlines numerous ransomware incidents experienced by hospitals with bad actors threatening to wipe out patient data and shut down key systems.
These incidents are merely a precursor of what’s to come. They reminder us of the importance to set 5G security strategies for purpose; and testing for and creating necessary recovery mechanisms. To this end, operators should take under strong consideration the deployment of a 5G network digital twin—a replica of a network that could be used as a sandbox to test doomsday scenarios and recovery performance measures.
While it is disconcerting to think about such scenarios, operators must emulate them to help prepare the network for its uncertain futures. The question operators must ask themselves is, should we experience an attack or crisis on a massive scale, do we have the processes and infrastructure in place to easily transition customers to the 4G LTE network and still deliver a similar form of the service they expect?
Take security by design to heart
Security by design isn’t new by any means, but it has greater meaning in a market where enterprise and consumer expectations are so high. Operators must address security as soon as they embark on solution or service conception. The absence of rigorous 5G security standards and guidelines creates a certain challenge for operators in this process. 3GPP only recently finalized standards for 5G networks and additional standards for addressing future 5G phases won’t be finalized for up to a year or longer. According to findings in Spirent’s 2020 5G Outlook Report, 5G standalone networks will begin deployment this year.
What is clearly missing but greatly needed is the formation of an independent body that can certify and audit suppliers and operator security by design approaches for each 5G-enabled service.
A continuous security testing process that suppliers and operators can follow would give enterprise customers a common set of facts and measures they can trust. In the meantime, operators will need to stay proactive and conduct a rigorous security assessment of all elements associated with a future 5G-enabled service, from virtualized networks to access management and authentication. To a certain extent, they will need to create customized sets of security standards.
Isolate risks and prepare for an all-encrypted network
While there is heightened concern about potential threats to the 5G network and services, there is much to be hopeful about when it comes to risk mitigation and data protection. 5G’s enabling of network slicing—independent networks on the same physical network structure—will allow operators to run their new services on individual slices while isolating potential indicators of compromise (IOCs) or threats they see from other infrastructure or services operating elsewhere on the network. However, this is the concept and not the reality unless operators audit individual slices ahead of 5G services getting spun up and putting those slices through the same rigorous security testing they do on an ongoing basis across the entire network.
It is a near certainty that the data at rest and traveling in a 5G service will be encrypted, a boost for data protection and privacy. Because the data cannot be decrypted, this will challenge an operator’s ability to properly monitor and identify threats or IOCs. Traditional monitoring and deep packet inspection won’t prove effective in a 5G-world, so operators need to seek out alternative methods that utilize machine learning, artificial intelligence and emulation to determine the presence of malicious activity.
Take a page from cloud scalers’ playbooks
Governments have increasingly turned to cloud-infrastructure providers for services and support and have noticed the controls and access-management mechanisms that these providers have employed. Cloud infrastructure providers have proven that constantly rotating access keys and getting granular with permission requirements can significantly improve the hosted resource or service’s security posture. It would behoove operators to replicate these practices when deploying 5G-enabled services.
The journey to achieving strong 5G security is a marathon, not a sprint. The key ingredient for success in these coming months is not speed but a mindset. 2020 will serve as another critical preparation year for operators and so long as they apply a proactive risk mindset as they ready new services on next generation networks, it will pay enormous dividends years from now.
Steve Douglas is head of 5G strategy for Spirent. Follow him at @s_n_douglas.