Network operators are deploying 5G networks around the globe on a widespread scale. This technology trend is defining and transforming the technological landscape for the foreseeable future. Meanwhile, a myriad of new 5G devices is appearing in the market, with many more to come. The requirements for 5G security are continually evolving, as is the attack surface.
To face that challenge, 5G security was substantially redesigned to address the known vulnerabilities that existed within the architecture of earlier networks. New cybersecurity frameworks were developed which include:
Zero Trust and Zero Trust Network Access (ZTNA)
Use of encryption on the transport level
Secure Access Secure Edge (SASE)
The new complexity in these 5G security frameworks, however, must also account for the continuous and growing number of new vulnerabilities. Therefore, building security from the beginning of 5G architecture development, rather than bolting it on later, is key.
The goal is to not only be capable of implementing trustworthy 5G services, but to also foster innovation, keep pace with it, and add new value continuously. To achieve this, a comprehensive testing strategy is required, right from the start. This facilitates timely test campaign development to validate and in turn ensure trust in the security measures you put in place. This validation must identify vulnerabilities and test to ensure the 5G architecture is secure.
Typical vulnerabilities and impact
Through Spirent SecurityLabs engagements, an array of vulnerability categories has been identified during the assessment phase. They include:
Signaling/Control Plane protocols
Public Key Infrastructure (PKI)/Network function (NF)
Operations, Administration and Management
If vulnerabilities remain unaddressed in these areas, the impact can affect an organization in a host of ways, some more severe than others, yet all impacting the ability to conduct an organization’s business operations as planned. The domains these threats occur in include:
Top five 5G security threats discovered by Spirent SecurityLabs
Through Spirent’s extensive global SecurityLabs engagements, the top five 5G vulnerabilities exposed were:
Unauthenticated remote code execution (RCE) – Allows for a full compromise by a remote unauthenticated malicious user
Authentication bypass (Unauthorized User) – Unauthorized direct access to restricted resources
Broken access control – Unauthenticated access leaves compromised access to NF functionality
Services running as root user – Unrestricted access to network resources
Information disclosure (pre-auth) – Insecure encryption at rest leaves insecure storage of sensitive data
If these vulnerabilities remain undiscovered or are unaddressed, they can place an organization’s business operations in a position of severe risk from both an operational and data security perspective.
Fundamentals of a 5G security testing strategy
The optimal starting point in crafting a 5G security strategy is to include 5G security in every business conversation from the outset and work with vendors you can trust to deliver security across all categories, particularly across the supply chain.
Recognizing the magnitude of vulnerabilities, any comprehensive 5G cybersecurity testing strategy must be aimed at ensuring the security of modern complex 5G infrastructure. This should incorporate security analysis and testing at different layers including hardware, firmware, operating system, middleware, application, and protocol stacks (e.g., signaling and control plane). The testing strategy should include:
Security Compliance Testing (CST)
Basic Vulnerability Assessment (VA)
Enhanced Security Assessment and Penetration Testing (PT)
Incorporating Public Key Information (PKI) security
Test automation for 5G security
The move to 5G standalone (SA) requires a new approach to validation. In the networking space, testing of previous generations of network equipment has focused on validation of well-defined physical network elements. With the new 5G Core and its cloud-native architecture, these monolithic network elements are superseded by individual CNFs (Cloud-Native Network Functions) that may be deployed in traditional centralized locations or closer to the network edge to enhance performance. Likewise, SD-WAN introduces multiple layers to the network with CNFs distributed across the end-to-end network from the core to customer premises, with releases that can occur on a weekly basis.
This variability requires that individual CNFs are validated both in isolation and as part of an end-to-end cloud network. To enable rapid collaboration and development, CNF validation must be automated and seamlessly integrated into systems for tracking feature requests, creating new builds and managing the status of testing and bug fixes. This cohesive and holistic approach is called Continuous Integration / Continuous Development (CI/CD) and is considered a best practice for accelerating cloud software releases. On top of this, test suites must be automated and integrated with CI/CD test environments, so that as new CNFs become available, they are rapidly validated.
A mature testing strategy should be designed to address this complex range of technology challenges and requirements. Many organizations struggle to build their own CI/CD environments. Too often, they don’t have the internal expertise or toolsets to do this on their own, nor do they have the time or budget to acquire them. On top of this, 5G brings diverse new testing demands that span cloud environments, network functions, transport layer and security. Building automated test suites that cover these diverse needs, especially security, is a challenge for many providers. At times, this entails bringing in third-party expertise.
For 5G, the industry has few proof points of deploying a fully virtualized, disaggregated mobile network, with advanced and complex security requirements implications. Having the right 5G testing strategy from the beginning can be the key to go-to-market success. To learn more, read our white paper, Keeping Pace with the Requirements of 5G Security.