fbpx

Standalone 5G Networks: Potential Vulnerabilities that Could Result in Denial of Service for Customers

5G networks promise high speeds, lower latency and more robust security compared to their predecessors – and this has created a lot of buzz. As a result, there is a lot of competition among operators to roll out the network while manufacturers are already producing 5G devices.

The deployment of 5G around the world has also been facilitated by a need for always-connected computers, widespread internet of things (IOT) and dependence on smartphones. All of this is constraining the 4G LTE technology.

With the current uptake in remote working due to COVID-19, 5G is expected to see more deployment.  However, despite the promised benefits, there are varying concerns about potential vulnerabilities of this network. Since there are various security concerns, this article will highlight those involving the standalone 5G networks.

What is 5G Standalone Network?

5G stands for the fifth generation of networks that is designed to address gaps and errors existing in the architecture of previous generation networks. However, its implementation is through a gradual phasing out of the existing networks. Note that the 5G network involves two streams, which include the standalone (SA) and non-standalone (NSA). The NSA relies on existing 4G infrastructure because 5G standards are not fully finalized.

On the other hand, the standalone is a completely new, end-to-end 5G network. To offer ultra-low latency and high capacities, service providers will have to fully implement the standalone 5G infrastructure. Despite the radical and beneficial transformation promised by 5G networks, there are concerns that it might become a multidimensional cyberattack vulnerability.

Vulnerabilities for Subscribers and Mobile Network Operators

Unlike previous networks, 5G is a software-defined network and involves network function virtualization, which makes it more vulnerable. The previous networks implement hardware choke points because they are centralized and hardware-based; whereas 5G digital routing lacks inspection and control chokepoints.

This new architecture has seen various research carried out to check its viability. As a result, industry professionals and government officials have already raised concern over the network’s security and overall architecture. An investigation by global cybersecurity firm Positive Technologies focused on 5G standalone core in terms of its architecture security, interaction of network elements, as well as subscriber authentication and registration procedures.

The examination revealed that “the stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator’s network. Such attacks can be performed from the international roaming network, the operator’s network, or partner networks that provide access to services.” The vulnerabilities were discovered in two protocols, PFCP and HTTP/2, which are used in 5G standalone networks.

Exploitation in Packet Forwarding Control Protocol (PFCP) would result in denial of service. This is because the PFCP is used to manage subscriber connections. A PFCP session includes three procedures: session establishment, modification and deletion. It’s at this point that denial of service can be carried out by attackers through a session deletion request, a session modification request or redirection of data through a session modification request.

For the HTTP/2, the Positive Technologies research found that an attacker could obtain the network functions profile and impersonate any network service. This is because HTTP/2 protocol is responsible for vital network functions that register and store profiles on 5G networks. The attacker then would have access to authentication status, current location and subscriber settings for network access. It’s also possible that an attacker would be able to delete NF profiles, which could result in financial loss as well as damage subscriber trust.

If not handled correctly, the 5G standalone network security issues will place critical infrastructure such as hospitals, transport and utilities at risk.

Solution and Conclusion

According to the report, the vulnerabilities would appear due to misconfigurations. With vendors competing to launch 5G networks, attackers will take advantage of poor configurations. Therefore, it calls for proper configuration of the architecture to stop these types of attacks. Unfortunately, errors still might occur. To detect configuration errors in the networks, regular security audits should be performed. It’s also vital that apart from ensuring proper equipment configuration, security monitoring and enhancing the implementation of firewalls are also top priorities. In conclusion, 5G’s high speeds, low latency and high bandwidth will be highly beneficial. However, the potential security holes could cost more than the cost of implementing this technology. As a business owner considering the 5G network, do not let your guard down just because the new network promises to address gaps and errors in previous generation networks.