Threats from 5G connectivity

Trend Micro’s latest research explored the threats to 5G connectivity from SIM jacking, identity fraud, fake news, and poisoning machine learning rules to manipulating business decisions — and how they can be addressed through an identity-based approach to security.

Many industries are poised to tap into the speed, automation, and global reach of 5G, a telecom technology that is new to many of these industries. Generally, they will be unprepared, under-skilled, and ill-equipped to handle the sudden simultaneous arrival of many powerful new technologies. This will compound the effects of already-mature threat actor groups and complex vulnerabilities in the global telecom carrier ecosystem. In addition to its intrinsic risks, it can be leveraged as a very powerful attack engine.

This complexity can be difficult to explain all at once. The much smaller scope of a Non-Public Network (NPN) or “Campus Local 5G” can be used to clarify and summarize. The example of an NPN 5G Factory will be used in this paper.

Risks and Threats to 5G Non Public Network (NPN)
Our latest research explored threats to 5G connectivity — from SIM jacking, IoT identity fraud, false Decision Engine data and logs, and poisoning machine learning rules for the manipulation of business decisions. We also looked at how these risks and threats can be mitigated and addressed through an identity-based approach to security.

Poisoning Decision Engines and Artificial Intelligence-Machine Learning (ML) Deployments
5G and 5G NPN are dependent on nested tiers of automation (clouds within clouds). This dependence on a variety of decision engines is a critical element of its speed and scalability. This tiered automation relies heavily on tuned models, increasing the efficiency and cost savings of large-scale deployments. Read more.

Network-based Attacks and altering the Basic Truth of the network
Acceptable histories are what decisions are based on. A well-designed set of bad rules can “re-write history” — bad network intelligence, or bad decisions used for Board decision making for example. These bad rules can also lead to network-based attacks — sabotage, espionage, supply chain abuses, and wiretap among others. Read more.

SIMjacking threat landscape
Subscriber Identity Modules (SIMs) upgraded in the 5G era become tiny, on-board chips called eSIMs. Since they are embedded to the electronics of IoT devices, eSIMs can be remotely updated and configured by cellular radio to join another network anywhere in the world. While this eases deployments, it can also pose significant risks. Read more.

Identity and Integrity Management: Bringing IT and Telecommunications Together
SIMs are used to assert the identity of human subscribers. When IoT devices use SIMs, various species of non-human subscribers will emerge — home appliances, robots, IP cameras, and cars, to name a few. Each will be manufactured by different vendors, and thus have different implementations and traffic profiles. Read more.

Security Recommendation: Cyber-Telecom Identity Federation
AA unity is needed that is not present in IT or 4G-era technologies, and not explicitly addressed in 5G, and should involve reduced trust in device radio authentication, including those from IoT devices. A means of addressing roaming vulnerabilities in IoT using identity federation in telecom technology should be implemented. Read more.

5G security should not be an afterthought
5G is a response to the need for bandwidth, consistency, and speed, especially in an era where mobile and IoT devices are ubiquitous among enterprises and industrial facilities increasingly moving toward digital transformation. But like any nascent and dynamic technology, it doesn’t come with security and privacy risks — which can have significant repercussions given the kind and vast amount data that 5G is poised to collect, process, and interpret.

Security strategies, technical skills, and additional technologies are needed to ease the organization’s transition to adopting 5G and fully reaping its benefits. The federated cyber-telecom identity model is an approach to 5G security that provides a single and coherent security architecture for protecting the identity, access to, and integrity of data and other components and technologies within 5G networks.

The latest whitepaper issued by Trend Micro, “Securing 5G Through Cyber-Telecom Identity Federation,” provides an overview of the security risks in 5G, threats and attacks that may take advantage of it, and how they can be addressed by enterprises that will use this newfangled technology.