SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
SecurityGen highlights cybersecurity risks for 5G network
Fri, 31st Mar 2023

Recent research from the global mobile trade association, GSMA, estimates that the market for virtual network slicing among enterprises is projected to be worth US$300 billion by 2025. However, mobile operators who are seeking to use their 5G networks to offer network slicing to business customers must be prepared to take on extra responsibility around cyber-security, according to Dmitry Kurbatov, co-founder and chief technology officer at SecurityGen, the provider of security solutions and services for the telecom industry.

“Successful network slicing relies on honesty and transparency between operators and businesses on what is the safest, most secure choice that fulfils their connectivity needs,” says Kurbatov.

“The newer and more complex a technology is, the more potential security threats and vulnerabilities are hidden within it, and 5G is no exception. Operators and enterprises alike need to keep this in mind and have a plan for dealing with possible cyber threats and vulnerabilities that might occur when using a virtual slice of a 5G network.”

Kurbatov continues, “Enterprises who opt for a virtual 5G network slice for their mobile connectivity requirements should work with their operator to properly assess the level of risk involved for their particular use case and address the potential cybersecurity issues. In certain critical businesses, using shared network resources might not be the most secure and resilient option. For example, if an energy company is considering its options for how to interconnect a nuclear power station with regional power distribution plants, this should not be an option.”

Kurbatov points to breach isolation from one slice to another via a shared network resource as the most likely cyberattack vector via a 5G network slice.

“Businesses should imagine their operator’s 5G network as a co-working space that they share with multiple tenants. Movable partition walls and doors provide privacy and security. These can be placed in different positions depending on who is currently renting space and how much space each tenant needs,” he says. 

“Now imagine there’s a window in one partitioned space. It’s left open one night, and hackers are able to enter the space and steal valuable data. If the walls and doors between the partitioned spaces are strong and secure, then the impact of this theft is limited to one single tenant. But if hackers are able to access one slice of the network from another, the damage will be much wider and affect more businesses, and potentially be more serious.”

“While this may sound scary, there are effective cybersecurity measures which operators and businesses who opt for 5G network slicing should put in place,” he adds. “They need to identify their core assets and what threatens them, and then protect these assets, continuously monitor the security status and be ready with a proactive remediation plan for how to recover and undo any damage that might occur from a breach.”

“Tried and tested IT security frameworks and approaches will work if they’re properly applied to a 5G network slice rollout, but only if they’re supported by a thorough, in-depth understanding of the mobile telecom domain as well,” Kurbatov concludes.