5G is referred to as the fifth generation of cellular networking. This is also known as the successor to 1G, 2G, 3G and 4G cellular networks. 5G is designed to connect everyone and everything together virtually, with higher data speeds with ultra low latency. Such network invention comes with increased reliability, massive network capacity, higher availability and improved usability to the users. With higher performance and improved efficiency delivered, this empowers better user experience and the ability to perform tasks of “higher” levels.
What are the underlying technologies that make up 5G?
5G is based on Orthogonal frequency-division multiplexing, a method of modulating a digital signal across several different channels to reduce interference. 5G uses 5G NR air interface alongside OFDM principles. 5G also uses wider bandwidth technologies such as sub-6 GHz and mmWave.
Like 4G LTE, 5G OFDM operates based on the same mobile networking principles. However, the new 5G NR air interface can further enhance OFDM to deliver a much higher degree of flexibility and scalability. This could provide more 5G access to more people and things for a variety of different use cases.
5G will bring wider bandwidths by expanding the usage of spectrum resources, from sub-3 GHz used in 4G to 100 GHz and beyond. 5G can operate in both lower bands (e.g., sub-6 GHz) as well as mmWave (e.g., 24 GHz and up), which will bring extreme capacity, multi-Gbps throughput, and low latency.
5G is designed to not only deliver faster, better mobile broadband services compared to 4G LTE, but can also expand into new service areas such as mission-critical communications and connecting the massive IoT. This is enabled by many new 5G NR air interface design techniques, such as a new self-contained TDD subframe design.
The above is extracted from : https://www.qualcomm.com/invention/5g/what-is-5g
How does 5G work?
5G operates on three different spectrum bands. The low-band spectrum, mid-band spectrum and high-band spectrum.
Low-band spectrum — offers great coverage area but peak data speeds are limited to 100Mbps
Mid-band spectrum — provides faster speeds and lower latency than low-band spectrum but sometimes fail to cover areas such as underground infrastructure like subways.
High-band spectrum — delivers highest performance in terms of speeds (up to 10Gbps) but has low coverage area and infrastructure penetration is very poor.
Like other cellular networks, 5G networks use a system of cell sites that divide their territory into sectors and send encoded data through radio waves. Each cell site must be connected to a network backbone, whether through a wired or wireless backhaul connection.
5G transmits tons of data over shorter distances than 4G LTE. This helps speed and consistency of connection signals and the network itself — even when in motion. The network also is able to support more devices due to use of new signal spectrums. On top of all of this, energy-efficient tech allows less power to be used.
The rise of internet-connected “smart” gadgets will mean that we need a faster, higher-capacity system to support the billions of devices already in existence. Mobile data is growing towards becoming cheaper and faster to connect way more devices than we can today.
5G Security Threats
Decentralized Security — Unlike the current system of 4G LTE and 3G, which use relatively few tall, isolated towers to send signals to phones and other devices, 5G has a much more decentralized setup. It requires many smaller low-powered cellular radio access nodes — essentially outdoor modems. The tradeoff comes in the distance of the signals, with 5G requiring multiple nodes to be placed on electric poles, lamps or even the corners of buildings to cover an area, instead of relying on one local tower.
Devices that utilises 5G — IoT primarily uses 5G, allowing the interconnection of billions of devices in the world. Ranging from thermometers within a house to Smart TVs, these IoT utilises 5G networking, which has various security concerns. Since IoT can also be treated as an access point of the 5G network, they have a set of problems which I have extracted from the OWASP Top 10 of IoT vulnerabilities.
1 -> Weak, Guessable, or Hardcoded Passwords
2 -> Insecure Network Services
3 -> Insecure Ecosystem Interfaces
4 -> Lack of Secure Update Mechanism
5 -> Use of Insecure or Outdated Components
6 -> Insufficient Privacy Protection
7 -> Insecure Data Transfer and Storage
8 -> Lack of Device Management
9 -> Insecure Default Settings
10 -> Lack of Physical Hardening
Lack of encryption — The lack of encryption in the connection process reveals the device info ( OS, device type ) to the attackers. Such valuable information can help hackers plan for their attackers with more precision
Kaspersky also revealed that such vulnerabilities
Kaspersky also revealed that such vulnerabilities can take form in a wide variety of attacks. Some of the known cyber-threats include:
- Botnet attacks control a network of connected devices to puppeteer a massive cyber-attack.
- Distributed denial-of-service (DDoS) overload a network or website to take it offline.
- Man-in-the-Middle (MiTM) attacks quietly intercept and change communications between two parties.
- Location tracking and call interception can be done if someone knows even a small amount about broadcast paging protocols.
Current Security Monitoring is insufficient — While current networks are limited in speed and capacity, this has actually helped providers monitor security in real-time. So, the benefits of an expanded 5G network might actually hurt cyber security. The added speed and volume will challenge security teams to create new methods for stopping threats.
As we approach towards an industry of adapting 5G networks, what can we do to prepare for 5G?
According to NIST, the National Institute of Standards and Technology they came up with two phases to prepare for 5G.
Phase 1: Preparations for Secure 5G Infrastructure and Architecture
- Local and network storage
- Switches, routers
Project Description: 5G Cybersecurity – Preparing a Secure Evolution to 5G 11 - Security gateways (SEGs), firewalls (e.g., roaming General Packet Radio Service [GPRS]
Tunneling Protocol [GTP] control [GTP-C]/GTP user data tunneling [GTP-U] FW, SGi/N6
interface FW) - Virtualization software
- Security and policy enforcement software: governance, risk, & compliance (GRC) /
security information and event management (SIEM) / dashboard - Virtualized LTE EPC components
- Home Subscriber Server (HSS)
- LTE Evolved Node B (eNodeB)
- 5G NR Next Generation Node B (gNodeB)
- 5G NR UE / consumer IoT (CIoT) device
- Universal Integrated Circuit Card (UICC) components
- Business Support System
- Operations Support System
- Identity Management System
- False base station detection capability
- Simulation equipment
- Network and telecommunication test tools
- Faraday Cage for licensed spectrum testing
- Commodity hardware with trust measurement capability
Phase 2: Securing 5G Infrastructure and Architecture
- Certificate management software
- Standalone 5G Core components
- gNodeB – centralized unit & distributed units
- Standalone-capable 5G UE
- Standalone-capable 5G CIoT device
- Container orchestration software
The tables above are extracted from : https://www.nccoe.nist.gov/sites/default/files/library/project-descriptions/5G-pse-project-description-final.pdf
Preparations aside from NIST Standards
In order to minimise weaknesses in 5G, we should take the following steps whilst preparing for the adaptation of 5G networking.
Setting 5G security foundation — Network providers will begin focusing on software protections, in order to deliver successfully, they will need to develop solutions such as encryption and networking monitoring.
Increased awareness on end-users — The wide variation of security quality involves the end-users as they do not know how safe or risky their devices are whilst connected to the internet. This ranges from the importance of software updates to to-do’s and don’ts of their devices. For example, your mobile phone, computers, all smart home device, and even your car’s infotainment system. Remember, any device that connects to internet, Bluetooth, or other data radio should have all the latest updates.
Practice strong password security. Always use passwords when available and make them incredibly strong. Long strings of random, variety characters are among the best passwords possible. Include uppercase, lowercase, symbols, and numbers.
Conclusion
In summary, the purpose of 5G is to open the network up to a wider set of services and allow the mobile operators to underpin these services. It is an opportunity to protect services and consumers from many of today’s threats. 5G comes with many built-in security controls by design, developed to enhance the protection of both individual consumers and mobile networks.
5G aims to deliver multi-network slicing, multi-level of services and multi-connectivity network capabilities. We have to work together to set the foundation to deliver the required flexibility, agility and economies of scale. We can look at 5G as an unprecedented opportunity to uplift our current network capabilities in industrial standards as well.