5G mobile communications standard: vulnerabilities discovered

The managing director of PSW Group points above all to the innovations that can be significant for companies in general, but also for security in particular. Says Tulinska: "To make the 5G network standard as secure as possible, various security measures should be examined and optimized." In many ways, 5G eclipses its predecessors: Transmission speeds are increasing, while costs and energy consumption are decreasing. Previously unattainable response speeds with barely noticeable latency are said to be possible with 5G. This delivers the advantage of being able to transmit significantly more information in much less time. However, the new 5G network standard is not only expected to create higher data rates and improved capacities, but also to link networks more intelligently. This opens up new opportunities for digitization for companies: 5G can, for example, optimize both internal company networking and networking between companies. The number of networked devices will increase dramatically. Although 5G is often described as the most secure mobile communications standard to date, there are definitely risks, warn the experts at PSW Group: It is possible to access user locations, but also to launch man-in-the-middle attacks.

5G vulnerability discovered

Tulinska points to researchers at Purdue and Iowa universities, among others, who developed a protocol analysis tool called "5GReasoner" in fall 2019 and used it to identify 11 potential vulnerabilities. Some of them allow DoS or replay attacks, for example. The latter lead to very high mobile bills. "In order to be able to fix vulnerabilities, mobile communications protocols, including 5G, are constantly being developed. However, it can easily take 18 months or more before current versions are publicly available. Within these rather long update periods, 5G networks remain vulnerable," warns Patrycja Tulinska. Then there are the dangers of possible fallbacks to older protocol versions, such as when the mobile device cannot find a 5G signal. This device would then fall back to 4G or 3G and would thus be exposed to all the vulnerabilities that were left out of the previous generation protocol. There are also a whole range of other risks. For example, if manufacturers equip the network components with backdoors as hardware or software Trojans, not only can data be spied out, but sabotage attacks can also be carried out. "It is true that data in the 5G network is encrypted during transmission over the radio network and during transmission between network operators when roaming. Openly, however, they are processed in the core network on the respective components," Tulinska points out.

In any case, software plays a significant role in 5G architectures, so the resulting risks can be considerable. However, software vulnerabilities are a major gateway for cybercriminals, and vulnerabilities are a part of software. "We have to assume that this is no different for complex 5G software architectures," Tulinska said. Such complex software consists of a multitude of software packages and libraries, known as the software supply chain. "Dependencies in this globally distributed supply chain currently make it virtually impossible to attribute vulnerabilities or backdoors to a responsible party. Liability regulations aimed at this run elegantly into the void," notes the expert. When we talk about 5G end devices, we are not so much referring to 5G-capable smartphones as to critical processes and infrastructures, such as machines in a production line or self-driving buses. The software risks mentioned also apply here: "Before data is transported over the 5G network, it can be protected with end-to-end encryption. In this way, they pass securely through the entire 5G network. However, the targeted distribution of spyware on end devices could also lead to the infiltration of encryption. If data is intercepted at the source, even the best encryption is useless," Tulinska points out. Government influence, which already exists in conventional systems, for example with the aim of espionage or sabotage, should also not be underestimated. This risk increases in 5G networks, because the low level of diversification and strong software-based nature make government influence possible, for example via national manufacturers or through targeted infiltration of manipulated software modules. After all, 5G contains protection mechanisms that its predecessors did not have. "Components can be secured separately using new cryptographic solutions. So if it happens that individual components are compromised, the protection of the other components is still guaranteed," reassures Patrycja Tulinska. In addition, the long-term identity of a subscriber in the 5G network is finally transmitted in encrypted form. A new feature is also on board for roaming in 5G: Authentication Confirmation (AC). Tulinska explains, "The user device sends cryptographic proof of the identity of the mobile operator on whose network the device is located to the home mobile operator. This makes it possible to verify the device's identity with the home mobile operator." This means that 5G security has reached an exceptionally high level. However, the corresponding features must also be implemented. The IT security expert is skeptical about this, however: "It is unclear at the moment whether all security mechanisms will be deployed. This is because mobile network operators must first migrate their networks to 5G. Since this migration process is not laid down in the 5G specifications or by the legislator, the only thing left for companies to do is to prepare for the new network generation now."

More information here

Source: PSW Group