5G is the darling of the mobile industry right now. Operators and vendors alike talk non-stop about how the next generation technology will deliver lightning fast speeds and ultra-low latency, enabling new use cases the world hasn’t even thought of yet. But there’s one more critical piece of the 5G puzzle, one which is perhaps less headline-grabbing but equally important to discuss: security.

Along with all its benefits, 5G also brings with it new threats which must be addressed by vendors and operators.

What are they?
First and perhaps most obvious are IoT-related threats. In interviews with Mobile World Live (MWL), Samsung, Nokia and AT&T pointed out a massive leap in the number of devices on the network will increase the number of vulnerabilities. Rita Marty, VP of security architecture at AT&T, added this means malicious actors have a wider attack surface to work with.

Marty noted AT&T expects distributed denial of service (DDoS) attacks against the 5G RAN carried out using the IoT to be one of the most significant security challenges operators face in the future. The operator is also anticipating attacks on the 5G Edge cloud from the internet.

But there’s more. Simeon Coney, CSO at AdaptiveMobile Security, noted the shift in network architecture to a three plane approach (access, forwarding and control) in 5G will create a number of additional threats.

He said service-enabling the control plane will “open up a layer which has typically been kept isolated in-house to third-party interactions, thereby adding to the security considerations for operators and increasing demand for new security inspection and enforcement points”. Vulnerabilities in the forwarding plane could also potentially give attackers widespread unauthorised access to the network, Coney noted.

Additionally, the CSO said the move toward network functions virtualisation (NFV) will create increased risk where physical or logical system separation was previously more readily managed and secured, while network slicing will create issues around boundaries of security control and the responsibilities of operators and service providers.

“Cross-domain orchestration of resources over multiple administrative domains enables collaborative service delivery, for example services can be realised via chaining of virtual network functions (VNFs) over domains of multiple operators. In this use case, the contract structure, the lack of trust and SFC (the path and VNFs which customer data passes through) create a complex privacy situation. There is, thus, a need for security mechanisms and standards for enabling private VNFs.”

Closing the gaps
Gerald Reddig, head of global product marketing for security at Nokia, agreed the use of network slicing will require new security tactics. He noted firewalls need to be both virtualised and cloud native to meet changing performance demands and scale requirements on virtual networks.

Reddig added new approaches to security incorporating big data analytics, machine learning and automation will be required, pointing out management systems will need to aggregate and analyse data from many different parts of the network with intelligence and specific context.

“Security operations workflow automation and orchestration are at the heart of the transition from a static defence to an agile and adaptive response. Security automation involves more than just operations – it must be aware of and encode business processes, regulations and customer-specific policies.”

Similarly, Marty said AT&T believes the combination of virtualisation, automation and machine learning will help strengthen its defences by enabling better prevention, detection and mitigation of threats all across the RAN, core and edge of the network.

“Security will be embedded in the design, architecture and functionality of our software-defined network on day one of full 5G deployment, which enables us to be more agile as new attack vectors are identified. We can more quickly detect threats, patch vulnerabilities and ultimately prevent attacks from being successful,” she explained.

The work continues
The importance of security is not lost on 3GPP, the international standards body developing 5G specifications. 3GPP has a dedicated security group, working alongside its architecture and RAN groups to identify threats, requirements and solutions to problem areas.

Marty added AT&T is working with 3GPP to create a stronger encryption algorithm for a 5G, over-the-air interface.

Coney pointed out another group, called 5G ENSURE, is aiming to achieve harmonisation across the standardisation ecosystem, including organisations such as 3GPP, European Telecommunications Standards Institute (ETSI), US National Institute of Standards and Technology(NIST), Internet Engineering Task Force (IETF) and others.

He said 5G ENSURE’s work covers network management and virtualisation, security monitoring, trust, authentication, privacy and other security use cases. “As such this gives operators a broad range of capabilities to draw upon to enhance protection and security,” he concluded.

The editorial views expressed in this article are solely those of the author and will not necessarily reflect the views of the GSMA, its Members or Associate Members.