Like so many things during this pandemic, the 5G experience promised to spectators at the Tokyo Summer Olympics has sadly not panned out.
Ticketholders attending golf and swimming were supposed to have access to giant 5G screens, rentable mobile devices and even AR goggles to view those three events in all their 5G glory. Alas, a surge of COVID cases in Tokyo forced organizers to ban spectators from all competitive events during the Games.
While 5G itself has been bathed in hype of almost Olympic proportions, the privacy and security risks of the technology have received less attention. Although 5G is finally here, it’s worth remembering it does come with certain risks.
Some 5G networks will be standalone (SA), built from scratch using entirely 5G architecture. The catch? Whenever users of an SA 5G network are roaming internationally, “they will be inevitably roaming onto other operators’ networks that will still use some 2G, 3G or 4G,” Omdia’s Rik Turner pointed out during a recent virtual panel on 5G data privacy.
So roaming users of SA 5G will inherit all the privacy and security vulnerabilities inherent to 2G, 3G and 4G, said Turner, Omdia’s principal analyst of emerging technologies. He doesn’t expect those SA roaming issues to be fully sorted out for another decade or so.
Right now, most 5G networks feature non-standalone (NSA) architecture, which uses a 5G RAN with a core that is still 4G.
“The problem (with NSA) is that the Diameter signaling protocol for 4G itself comes with some vulnerabilities, well-recognized vulnerabilities, that have not been addressed over the years,” Turner explained. “So clearly if you’re building an NSA, for the first five to 10 years of your network’s life in 5G, you’re going to be inheriting those vulnerabilities from 4G.”
Network slicing risks
There’s also a brand new risk related to something completely unique to 5G: network slicing. Mobile network operators (MNOs) will be able to slice up parts of their own 5G networks and lease them out to third parties, targeting slices to specific industry verticals.
In March, however, researchers at AdaptiveMobile discovered vulnerabilities in 5G that could expose network slicing to risks such as:
- extraction of user data, especially for location tracking
- denial of service against another network function
- unauthorized access to a network function and to related information of another vertical customer
“Hybrid network functions support several slices but there is a lack of mapping between the application and transport layers’ identities,” AdaptiveMobile warned in a blog post describing its findings. “This flaw in the (5G) industry standards has the impact of creating an opportunity for an attacker to access data across multiple slices if they have access to the 5G Service Based Architecture.”
While AdaptiveMobile believes the likelihood of such attacks is low at the moment, it’s only because there’s not a lot of network slicing being offered yet. The risk will probably increase, however, as slicing becomes more common.
AdaptiveMobile has submitted its research to GSMA, the global industry body for mobile network operators, and to 3GPP, which develops technical specification standards for mobile communications. According to AdaptiveMobile’s blog post, the two groups are “working on the mitigation of the presented vulnerabilities, but this will require some time to be seen in product updates.”
Until then, how do we deal with these types of risks? Potential answers may lie in the cloud.
The cloud risk model for 5G
Network slicing involves multiple parties: the MNO providing the 5G slice, the customer leasing that slice, and that customer’s own end users. In that kind of daisy-chain process, there are bound to be thorny issues cropping up.
“There’s a huge question mark in my mind as to who’s responsible for security of the data on that network,” Turner said. “Not only who’s responsible for individual slices but also, will those slices themselves be sufficiently isolated (from risk)?”
Turner suggests the cloud may provide us with an existing model of shared responsibility involving privacy and security. Most cloud service SLAs spell out who bears responsibility or liability in the event of a breach or outage. In Turner’s view, why not develop a similar model of shared responsibility for 5G network slicing?
Turner’s fellow panelist Boris Wojtan noted that if user or customer data is collected during network slicing, responsibility for the privacy and security of that data may depend on which party collects it. Like Turner, Wojtan also sees the cloud SLA model as a potential framework for network slicing privacy.
“I came across this with SaaS years and years ago,” said Wojtan, director of privacy at GSMA. “You might go to a cloud provider that’s got better hard-baked security on their premises but the customer is taking some responsibility for what they do on the (cloud) dashboard. So (the customer is) configuring things in the way that makes sense for them. If they leave access permission open, that’s their fault.
“It’s the same with 5G provisioning that’s going to be zero-touch provisioning,” Wojtan continued. “It lets the customer configure things themselves. Well, if they configure things in a way that creates a security flaw, then they would take some responsibility for that.”
Having said all this, there’s no need to panic about 5G privacy and security. These are still early days, and those things will be refined and improved in time. Issues around shared responsibility will be determined as more users adopt 5G technology. Plus, Turner says 5G already boasts privacy and security improvements over 4G, such as better masking for subscriber identity.
In the race against 5G data threats, all we can do is use our best equipment and game plan to beat them, even if no one in AR goggles is cheering us on from the sidelines.