EU Report Highlights Cybersecurity Risks in 5G Networks
The extent with which 5G networks use software is one of the top security issues for mobile networks as well as devices and current technologies (for example, 3G, 4G) that use or incorporate it, according to an EU report supported by the European Commission and European Agency for Cybersecurity.
5G networks are unique compared to wireless network technologies in that they are mostly software-defined, including their network functions. 5G is also poised to use edge computing, where an application’s processing, storage, and management capabilities are contained near, for example, an internet-of-things (IoT) endpoint. This kind of architecture is among what the European Commission and European Agency for Cybersecurity say could broaden attack surfaces that threat actors can then abuse to gain a foothold into their targets.
In a press release, the EU also highlighted the security challenges involved in the online supply chain, what with the role of third-party suppliers or vendors in operating 5G networks and the dependence of organizations that use them. In the report, the EU also cited the lack of data protection agreements between the member states and third parties that aren’t from the EU, as well as the overall quality and cybersecurity of the suppliers’ products.
Here’s a rundown of the EU’s report on the cybersecurity risks in 5G networks:
- Broadened attack surfaces due to vulnerabilities in software used in 5G networks
- Sensitivity and interoperability issues in network hardware due to the unique architecture and new functionalities of 5G networks
- Increased exposure to attacks due to the risk profile of a supplier or vendor, as well as the reliance of mobile networks and enterprises on a third-party vendor or supplier
- Network-based threats that can compromise the availability and integrity of 5G networks, which serve as the backbone of mission-critical applications
Cyber-Telecom Crime Report
5G: A Boon or Bane?
These security and privacy concerns echo Trend Micro’s recent research on 5G connectivity, which underscores the importance of adopting cybersecurity strategies in implementing 5G. Indeed, 5G addresses the need for bandwidth, consistency, and speed, especially nowadays when mobile and IoT devices become ubiquitous while industrial facilities increasingly shift towards digital transformation. 5G also provides agility to enterprises that use them: Its being mostly software-defined enables its users to reprogram or reconfigure their 5G networks to suit their requirements, helping them streamline their business operations. In fact, revenue from 5G is predicted to reach US$247 billion by 2025.
On the other hand, 5G’s dynamic nature is also its seeming drawback. The vast amount of data being collected, processed, and interpreted via 5G, for example, may make it difficult to delineate and detect legitimate from malicious network traffic, especially once thousands of IoT devices — which can be compromised or “zombified” by threat actors into becoming part of a botnet — are figured into the equation. Software-defined networks, too, not only pose as attack vectors; they also need professionals capable of operating and securing them.
Securing the Transition to 5G
The EU’s risk assessment report is among the organization’s initiatives for adopting a security strategy for 5G adoption, as it will serve as one of the benchmarks for a “toolbox” of countermeasures that will be agreed upon by the member states on December 31 this year and carried out within the NIS Cooperation Group. The European Agency for Cybersecurity is also currently finalizing a report mapping threats related to 5G networks.
While 5G provides the scalability to streamline an enterprise’s operations, security strategies, technical skills, and additional technologies are needed to ease the organization’s (and ultimately, the end users’) transition to adopting 5G and maximizing its value. As outlined in Trend Micro’s research, among the security measures that can help mitigate security risks are 5G machine learning (5ML) and business-oriented ML rules in a system called a security orchestrator.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases