A Guide to 5G Cybersecurity on IoT Networks

Estimated reading time: 7 minutes

5G offers unprecedented speed and scale to IoT operations. However, it comes with a new generation of security threats. 5G IoT services no longer neatly fit into the traditional security models optimized for 4G LTE cellular. Its higher bandwidth and greater number of connected devices pose additional risks. 

Keeping systems updated and protected against evolving threat scenarios is challenging. 5G IoT requires a vast distribution of decentralized, small cell networks. 

5G introduces new technologies and capabilities that improve cybersecurity and address threats in previous networks, including: 

• Mutual authentication capabilities 
• Improved signaling data integrity protection 
• Enhanced data privacy protection 

The overall increased complexity broadens the attack surface scenario, as stated in the GSMA 5G Security Guide. Multiple industry stakeholders shall manage the risk in this evolving threat landscape.  

Top IoT Security Concerns and Attack Types for 5G Networks 

With more IoT devices connected, the attack surface will expand. This increased attack surface is one of the main concerns as the number of connected devices grows. 

Botnets, network-level attacks and other malicious activities present a complicated security picture. Top concerns include attacks on:  

• Radio interfaces
• Signaling plane
• User plane function (UPF) 

Types of common cyberattacks include:  

• Masquerade: In this tactic, also called spoofing, a device, user or system is impersonated to gain access to sensitive data or areas. Phishing is a type of masquerade attack. 
• Replay: A replay attack is when a hacker intercepts encrypted data or a message and retransmits it to the recipient. 
• Downgrade: This attack exploits backward compatibility by making systems switch to a less secure mode. It is also called a version rollback or downgrade attack.  
• Man-in-the-middle (MitM): Like replay, MitM is an eavesdropping attack. The bad actor intercepts communication between two parties, inserts themselves and controls the conversation or transaction. 

5G’s increased bandwidth and low latency can make these attacks more damaging. Bad actors can exploit faster speeds and greater capacity for malicious purposes. Researchers warn that the increase in data traffic and mobile IoT connectivity comes with significant risks.  

The telecom industry must address these threats. The potential impacts of IoT botnet attacks — which compromise 5G-connected devices — could increase the effects of a DDoS attack. 

Most importantly, 5G cybersecurity must be built-in by design as an integral part of the system architecture.   

4 Challenges for IoT Cybersecurity on 5G Networks 

Network designers must anticipate and prepare for threats to ensure optimal security for IoT deployments. They must build effective security features into 5G networks rather than attempting to address issues as they arise.  

The most critical 5G IoT cybersecurity challenges include: 

An Evolving Trust Model  

Trust models establish guidelines. They set standards for how devices evaluate other devices’ and systems’ security and whether it’s safe to connect. The trust model has evolved between 4G and 5G networks.  

In a stand-alone 5G system, trust decreases with distance from the network core. Trust is anchored in the Universal Integrated Circuit Card (UICC) and the Universal Subscriber Identity Module (USIM). IoT developers and network operators must work together. Their hardware and software should operate securely using the new trust model. 

Authentication Systems  

Providers use authentication systems to identify various devices on a 5G network. These systems have also undergone significant evolution between 4G and 5G. Many authentication models are supported, and all are radio access network (RAN) independent. For example, this means they can run over Wi-Fi. 

Strong authentication is essential given the number of devices that gather data in massive IoT networks, like: 

• Connected city infrastructure  
• Hospital systems  

Data Privacy  

While 4G and older technologies struggled to guarantee privacy, 5G tackles this problem specifically. Because it’s primarily software and cloud-based, it’s easier to monitor than previous systems. 5G also encrypts more data for increased cybersecurity. The infrastructure changes will require carriers, integrators and privacy experts to adjust to a new normal. 
 
The changes provide a solid foundation for data privacy in the future. However, the increased data from 5G devices — especially in sensitive sectors like health care — raises new privacy concerns. Artificial intelligence (AI) integrated in 5G networks collects and analyzes vast amounts of personal data. 

Moreover, in certain specific use cases, 5G networks could enable more accurate geolocation data. GSMA highlights the privacy concerns this raises, particularly if such data is misused or accessed improperly.  

Network Slicing 

5G introduces the concept of network slicing. To help improve security, the network is divided into separate virtual networks. This enhances efficiency and optimizes network resources related to bandwidth, latency and reliability. This technology allows for isolating several types of traffic and services to reduce the risk of widespread attacks. 

However, misconfigured network slices could introduce potential risks: 

• Cross-slice contamination: Vulnerabilities in one slice can potentially affect others sharing the same physical resources. A compromised network node in some misconfigured scenarios could increase the risk of Denial of Service (DoS) attacks and man-in-the-middle (MitM).  
• Unauthorized access and data leakage: Improper configuration can lead to unauthorized access on data and system between different slices. 
• Denial of Service (DoS) Attacks: Network slicing’s inherent flexibility, coupled with its dependence on centralized orchestration, exposes control elements to potential DoS attacks.  

Emerging 5G Cybersecurity Solutions 

Numerous recommendations for managing 5G security threats are the same as those for managing threats to current networks: 

• End-to-end strong encryption protocols 
• Robust authentication and authorization mechanisms across the entire infrastructure 
• Micro-segmentation to reduce potential abuses  
• Making threat intelligence a top concern with continuous monitoring practices to detect and respond to threats 
• Supplier Management to ensure third-party vendors adhere to security standards 
• Training employees to prevent attacks dependent on human error 

Another emerging solution is the implementation of private 5G networks, especially in B2B and specific vertical markets. These private networks can help improve 5G infrastructure security. They provide a restricted environment that better protects data privacy and resilience. 

Established practices will still hold value. However, 5G use cases in IoT applications will create threats that require smarter solutions. Linked devices and machines will store and transmit sensitive personal data. The sheer volume of this data will make it difficult to secure. 

The New Normal in 5G Cybersecurity 

The new normal in 5G security involves a shift across different actors, including carriers, integrators and security experts. It requires close collaboration and understanding risk scenarios and threat models at each value chain layer.  

The complexity of 5G implementations demands alignment to apply security by design. Without this alignment, there’s a risk of creating a weaker security posture. The transition to 5G promises to offer companies a powerful tool capable of powering faster, broader IoT deployments. 

Speak with our IoT experts to learn more about our 5G modules and our security by design approach to IoT solutions. 

Editor’s note: This blog was originally published on 15 May 2019 and has since been updated.