You Need to Look Both Ways on the Road to 5GPosted Oct 2017
It’s not surprising there is so much developer attention on 5G, and more significantly on the new elements of the technology. Regular media announcements suggest that the race to 5G is well and truly underway, with next year’s Winter Olympic Games in South Korea seen as a high-profile target date, even though the full 5G spec will not be finalised by then. A recent article by Mobile World Live estimated that there would be as many as 214 million 5G connections by 2025.
Developers are concentrating on all the exciting new parts of the latest technology which need to be fixed and ready for launch. As is often the case, security appears lower down the list of priorities, but in 5G there has been some focus on the new elements where the security of the interface needs to be addressed.
For a start, that means 5G radio authentication itself is a focus, as is the exciting new feature of network slicing, where it is recognised that the technology will have to avoid leakage of data between slices. There is also work in hand to ensure better protection of the IMSI, which is great news, as that is often the first target in a security attack. However, there is a limited focus on signalling security.
The issues currently affecting 3G & 4G networks will also affect 5G if they are not solved. For a start, 5G networks will not be islands of technology. They will co-exist, interconnect and communicate with the other Gs – yes, even 2G – for many years. This presents a problem for operators and consumers and an opportunity for the fraudsters. The more advanced mobile hackers and fraudsters will look to force communications down to the weakest level of security. Once a hacker is ‘in’ and has the control to divert calls and messages, monitor locations or snoop on activity, it will not matter whether the phone is using 3G, 4G or 5G. Once hacked, a phone will stay hacked until the fraudster decides otherwise.
That means that rather than just look to provide security on the new elements of 5G, the technologists also need to pay attention to the past. These considerations include signalling security, end to end encryption, authentication and the integrity of the connection.
The good news is that we can fix things for the future by learning from the past and ensuring we don’t allow 5G networks to be compromised by earlier security flaws. The best approach is to provide a security and fraud solution today that can evolve with the network and deliver 2G, 3G, 4G and 5G safety for all customers. The work we are doing today, with a number of operators and with the GSMA’s Fraud and Security Group, is targeted to achieve just that goal.
Our Commercial Director Peter Blackie led a discussion at the MWC event in Shanghai on this very subject. Read more in our blog There’s no time like the present to secure 5G.