While juggling digitalization pressures with 5G rollouts, operators will need to keep their eye on the old networks being exploited.
With the buzz around 5G roll-outs undampened by the pandemic, the issue of latent increases in attack surfaces is nevertheless gaining momentum.
To get a feel of how the telecoms industry is taking due diligence efforts in their plans, CybersecAsia interviewed Dimitry Kurbatov, the Chief Technology Officer of global cybersecurity firm Positive Technologies, the first firm to discover security issues related to SS7 (Signalling System 7) in 2014 and currently researches and develops network security for Smart City technology and dedicated 4G and 5G assessment services.
He shares his insights about the major trends, imminent threats and disruptive innovations happening currently in the telecoms sector across the globe.
CybersecAsia: How do you see 5G unfolding, and the importance of cybersecurity in its roll-out worldwide?
Dimitry Kurbatov (DK): 5G deployments are gaining momentum and will be a major disruptor in the telecoms market in the coming years. This plus and other converging technologies will boost access and user experience on telecoms networks, but they also increase the size of the perimeter that mobile operators must secure.
We should not underestimate that 5G networks will be built on top of, or at least integrated with, the 4G infrastructure, in exactly the same way that 4G was built on or integrated with the previous generations. Therefore, 5G would appear more secure, if deployed to the full security standards that have been discussed: unfortunately, by the same token, it will inherit some flaws already in place.
While rolling out 5G, operators will need to keep their eye on the old networks being exploited. This is even as their resources are stretched grappling with virtualization, more complex administration, and new ‘well-known’ protocols that hackers know how to break into.
CybersecAsia: What kind of cybersecurity threats are prevalent now and how do we mitigate them in the era of 5G and IoT?
DK: IoT is often cited as the technology benefiting most from 5G, and the number of connected devices will rise dramatically over the next few years. Thus, the more devices connected to the network, the more opportunities for criminals to exploit vulnerabilities. We can predict that 5G will probably bring along an increase in Distributed Denial-of-Service (DDoS) threats.
Intruders will see the increased throughput as an opportunity to deny online services at critical moments. In order to build adequate protection for 5G networks, operators need to start with securing previous generation networks. They should immediately start analyzing all signalling information crossing the perimeter of their network in order to ensure security and block illegitimate traffic. This analysis will provide the data needed to keep security policies up to date. In addition, a comprehensive and systematic approach can enable securing networks in the era of 5G and IoT from Day One.
CybersecAsia: What are the major challenges the telecoms sector faces in terms of security in the current landscape?
DK: Across all the tested networks last year, we found vulnerabilities caused by fundamental deficiencies in the Evolved Packet Core. These issues allow disconnecting one or more subscribers; intercepting Internet traffic and text messages; eavesdropping calls; spoofing identities; and even causing operator equipment malfunction. Furthermore, it is a fact that the telecoms sector faces challenges such as fraudulent activities, connection hijacking, and DoS attacks on subscribers on a daily basis.
CybersecAsia: What are the best practices that you would recommend to Chief Networking Officers (CNO) and Chief Information Security Officers (CISO)?
DK: As threats may continue to be present, CNOs and CISOs should ensure that their service providers are working on their security as an ongoing process. A crucial point here is to check if the operator has fulfilled its due diligence and also tried to provide a tailor-made approach to the company’s unique environment.
It is no longer just a business communication, since it is already related to day-to-day corporate administration, and even possibly to the core production and profit-driving processes.
In addition to the fact that the relationship with the service provider needs to be far more proactive, CNOs and CISOs should secure all software and networks themselves before any deployment.
The final decision for the individual CNO and CISO has to come down to corporate stance, the deployment situation plus the risks to the core business; and possibly, individual opinion.
CybersecAsia: Modern telecoms environments involve various sets of secure and reliable services like biometric fingerprints. What are the other mechanisms that will emerge in the coming years?
DK: Despite the fact that there are a lot of secure and reliable services in a modern telecoms environment, biometric recognition is currently the only authentication technique that relies on a person’s physical characteristics for personal authentication.
We are convinced that the use of biometric authentication, such as fingerprint, voice or facial recognition, is already providing the device with an extra layer of protection and will continue to dominate in potential use case scenarios.
CybersecAsia: There is a lot of buzz around data privacy on social media. Do telecoms players have a role to play in that?
DK: Currently, we can observe a lot of social engineering attacks—for example, opening a simple phishing email leads to multi-million-dollar losses in a company. The threat is the same for common people, who tend to leave their credentials on phishing sites, clicking on links sent or posted on social networks.
Users may not be always turning over money, but they are turning over their personal data. To avert such information being tracked, analyzed, stolen and then sold by an intruder giving room for future breaches, telcos should educate their subscribers and make it easier for them to control and maintain their privacy. They should also engage them in the digital world and on social networks, in particular.
CybersecAsia: What is your view on the role of government bodies assimilating data security as a part of the policymaking?
DK: All over the world, governments have estimated the risks to be even higher for 5G, which is about to connect more devices and be the core infrastructure for smart cities.
5G means lots of data, from the devices at smart homes to the lamp posts in the streets. Cyber criminals will view this as a window to carry out attacks. This makes the consequences of security vulnerabilities more serious than simply having your Internet or phone service go down. It is now an issue of critical national infrastructure.
The European Union, and more recently, the United States and the UK governments are taking this major step in legally enforcing security standards.
CybersecAsia thanks Dimitry for his global insights.