The Need for Advancing 5G Network Security - Vinay Sharma, Regional Director, India and SAARC, NETSCOUT.
5G is expected to transform businesses and economies, unlocking new business models and use cases across industry verticals. According to Accenture, 79% of businesses believe 5G will have a significant impact on their organization, of which 57% believe it will be revolutionary, whereas only 24% felt the same about 4G. 5G technology has enabled and mandated new business-critical, mission-critical, and security-critical revenue-generating services. However, with the agility and flexibility of 5G networks, 62% of businesses are concerned it will leave them vulnerable to cyber-attacks. The benefits of 5G's higher-speed communications come with a corresponding increase in the range of threats to mobile networks. DDoS attacks are increasing in complexity, disrupting key systems, and causing major business losses. And recently, the barriers to entry for attackers have been eliminated. DDoS-for-hire services now allow users to test basic DDoS attacks before purchasing.
Attacks on Mobile Networks
The classic cycle of protective systems has evolved to enhance security measures for mobile networks and services. This evolution further enables them to be inherently secure and to make efficient use of traditional detection and mitigation techniques. The challenge arises when a valid service that is attached to the network begins to perform abnormally, such as infected IoT or handset devices acting abnormally in the network due to a bad actor's activities. These devices will infect other devices, and subsequently, data will be redirected to unknown servers. This type of 5G network security event can create signaling challenges within the 5G network and exhaust other network resources.
Carriers Securing the Mobile Edge
5G networks have an ecosystem in which enterprises and carriers converge to provide reliable services at the mobile network edge to realize the capabilities of edge computing fully and to support consumer services and applications. Enterprises expect specific service level agreements (SLAs) to include built-in threat detection for services and network slices. Consumers of edge services need to be assured they will experience reliable and secure services. Carriers must embed the needed 5G network security to support all subscribers.
Advanced Security Detection Engine
Protecting the network edge calls for an advanced security detection engine that has the capacity to scale and to provide end-through-end observability from RAN to core to the data center edge.
Carriers must consider observability from the outset to ensure network threat mitigation at key points within the network: endpoint, RAN/backhaul, and services. When attacks are experienced at the edge, it is too late to mitigate the 5G network security issue. Using only edge data will not provide a complete view from within the network to correlate and map complex control plane and user plane information back from endpoint IP addresses to the subscriber, device type, location, and so forth.
In addition, the complexity and agility of the 5G network environment make it very difficult for humans to discern valid device behavior and to proactively determine device compromise related to a DDoS attack, fraud, or data theft.
Advanced Security in 5G Mobile Networks
Carriers should review the following elements when considering 5G network security:
- Packet-level data to feed artificial intelligence/machine learning (AI/ML) algorithms
- Specific AI/ML algorithms to determine device performance
- Security domain knowledge
- Key monitoring points within the network
In a disaggregated 5G network, carriers must consider observability from the outset to mitigate endpoint threats within the network. A robust solution, in the form of a real-time network platform delivering visibility, performance, security and availability at scale, will aid 5G network security.
The Need for Network Embedded AI Mobile Security
Packet-level network data is leveraged in AI mobile security. Threats can be identified much more quickly and mitigated here, within the network, which will reduce service and infrastructure impact and wasted capacity, among others. It provides visibility and correlation across the user and control planes end-through-end, enabling identification of the broader range of threats. This also delivers a complete endpoint view within a service, which is key for machine-to-machine services and for enforcing zero trust between services.