Hidden Security Considerations When Moving to 5G

fhm/Getty Images

The newest generation of wireless technology comes with several transformative advantages, as well as some pitfalls.

The next generation of wireless technology is rapidly rolling out across the country. Called 5G or 5th generation, it promises a jump in speed and reliability that will enable mobile devices to act more like desktop computers connected to a wired network. Most experts say that the changes will be even more pronounced with 5G than they were when we moved to 4G, which was responsible for the explosion of the mobile applications and services that we enjoy today.

The advantages of 5G wireless in government will also be transformative, with the military seeing a lot of potential gains. The military will be able to, for example, put thousands of sensors, drones, autonomous vehicles, warfighters, IoT devices and nearly everything else onto a 5G network, without worrying too much about bandwidth constraints. That is one of the reasons why the military has taken a leading role in 5G adoption.

There are also some inherent advantages when it comes to the security of 5G networks. For example, most of the data traffic on a software-based 5G network can be routed through an IP tunnel, which is encrypted by default. The DOD can then layer even more security on top of that without worrying about clogging up the bandwidth of a 5G network. But even with better bandwidth and enhanced native security, there are a few potential hazards. I talked with an expert working in this field who wanted to make sure that a few specific 5G security concerns were not overlooked as we continue to push forward with the new technology.

Stefan Pracht is the senior vice president of product marketing for Axellio, a company that is known for being an innovator in high-speed, no-loss network traffic capture, distribution and analysis. In other words, they are experts at analyzing how traffic moves safely through a network, and how it might also run into problems.

NextGov: Before we talk about the potential pitfalls of 5G, perhaps we best reiterate the advantages of being able to bring together so many devices and applications within a 5G network. This situation within the military is probably best described in the US DOD Joint All Domain Command and Control (JADC2) program.

Pracht: The JADC2 combines applications and sensors from all military services into one unifying network to allow for information sharing to drive faster response. This will address the DOD concern that current command and control programs are too narrowly defined, too complex and too siloed in their approach.

NextGov: And JADC2 would probably not work right under 4G?

Pracht: Unlike 4G, which is predominantly used for mobile phone communication, 5G technology can interconnect a wide variety of endpoints, from traditional mobile phones to sensors and control devices of all kinds, often referred to as Internet of Things, plus the Military Internet of Things, and vehicle communication.

5G may enable militaries worldwide to deploy and operate networks while sharing their infrastructure and data quickly and easily across a nation’s military services or even across allied national militaries more quickly and easily. 

NextGov: Can you explain why 5G is also more secure?

Pracht: Typical 4G networks had a different approach to security which has been exploited by threat actors, at billions of dollars of losses for both service providers and users. In addition to being vulnerable to denial of service attacks due to their overall architecture, subscribers could be tracked, or IDs could be stolen, due to the lack of the initial authentication not being encrypted.

Even though 5G has implemented a lot of the 4G network architecture, it has taken a much more comprehensive, end-to-end delivery and security approach. 5G also defines Software Defined Networking and Network Function Virtualization for the network transport, allowing for multiple layers of security that prevent the 4G exploitations. 

This approach provides the flexibility and security required to configure the routing paths through dynamically configured virtualized network functions for highly versatile and extremely mobile end-devices communicating with a highly distributed and similarly dynamic application environment.

NextGov: Okay, all of that sounds pretty good. So what is the weakness you have found in 5G?

Pracht: The biggest challenge for 5G networks is also its strength—significantly more devices, more diverse applications and services are carried over the same network, providing a much broader attack surface. And with many of those devices being non-traditional end-devices such as sensors and military or other IoT devices, traditional security paradigms, such as keeping Operating Systems up-to-date and installing end-point protection, are no longer feasible.

NextGov: What are some specific problem areas that are making secure 5G networking more challenging? Can you break this down into specific points for us?

Pracht: Yes. While 5G is probably the best example of end-to-end security being built into every part of its definition, its Achilles heel is that this is a fundamentally more secure, but also a different approach to networking and application delivery, and to securing communication.

[The challenges, according to Pracht, are as follows:]

  • First, vendors are not ready. Delivering these 5G networks takes a diverse set of suppliers. But lack of standard interfaces and immature technology makes this difficult. Most required technologies, if available, are often vendor-specific, custom solutions targeting certain verticals and use cases. And standard and open-source software offerings are very immature at this point.
  • The virtualized and cloud characteristics of 5G create new visibility challenges. IT operations departments still struggle to get visibility into most commercial cloud and virtualized environments to configure, maintain and secure today’s environment. Adding the scale and complexity of 5G networks will not make this any easier.
  • The massive increase of end devices and traffic will easily overwhelm today’s network and security monitoring approaches and solutions. Enterprises are already challenged by the amount of data that networks are producing for analysis today—and 5G networks will exponentially increase the available metadata.
  • End-to-end encryption, especially TLS1.3-based, will make traditional monitoring approaches obsolete or significantly weaken their value. Concepts like application and network traffic flow analysis or network detection and response are very much dependent on visibility into TCP and even some of the application layers. Encryption will render a lot of this information inaccessible for analysis applications.
  • Interconnecting end-devices not initially designed for connecting to communication networks, are often designed by vendors that have expertise in the primary technology—such as building drones—but not in implementing wireless communications for swarm computing and analysis. This introduces vulnerabilities that traditional communications vendors are well aware of and avoid.
  • There is a lack of wireless technical skills, expertise and headcount for development and operation, in both vendors as well as commercial enterprises and defense organizations. 5G is an extremely complex amalgamation of leading-edge wireless, networking, security and application infrastructure technologies. As we are currently experiencing in cybersecurity, demand for this expertise easily outstrips supply, and education is fragmented at best.

NextGov: How do you think that those concerns can all be overcome?

Pracht: Government and especially defense projects often force diverse organizations to work together to address issues, by providing research and development funding and an environment that fosters cooperation. However, we need to be careful that we are not falling back to building vertical solutions that only solve the communications problem in one area, defeating the purpose of a unifying network. 

Many of the other wireless technologies, especially 3G, 4G, and 802.11 wireless have only solved the wireless transport problem. And even as they secured the wireless transmission, all the communication going across this transport has left security to the endpoints and the network as a whole. The more comprehensive, end-to-end, and modular security approach of 5G is something that any network, not even just wireless networks, could benefit from. With 5G, it even has built in the ability to integrate 4G access networks into the overall concept to allow for a more gradual evolution. 

NextGov: So despite these concerns, you feel that government can move ahead safely and securely with 5G?

Pracht: As I mentioned before, government and defense projects can be a huge enabler by providing guidance, motivation and funding. Service providers have given us the essential 5G wireless access technologies and some of the initial network infrastructure, but applying these to commercial and military solutions that go beyond higher-quality consumer YouTube videos will drive our next industrial revolution. 

John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology. He is the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.